Password Best Practices
Your online safety is important, and your password is one of the most important ways to keep yourself safe. Here’s our guide to creating a password to help you keep your information secure.
Use a Passphrase, Not a Password
You’re better off using a longer passphrase rather than a short complex password. Each additional character added to the password makes it exponentially harder to guess for hackers.
What do you think is easier to guess? Ad3lph! or ilikepuppiesandkittens? Even though Ad3lph! has a combination of capitalization, numbers and special characters, the fact that it is shorter makes it much easier to guess.
The strongest password will have length with some complexity, but not something that’s too difficult for you to remember. If you have a misspelled word it makes it harder to guess as well. Think ilikepupp3rs&kitteNs; you’ll remember this more easily than T2&sd9L!, and you’ll be more secure.
Use Different Types of Characters
Include a combination of numbers, special characters, upper- and lower-case letters.
You should also mix it up a little bit; three symbols in a row is not as effective as having them broken up randomly by other characters.
Use Two-Factor Authentication
Two-factor authentication (2FA) is an extra precaution that requires you to put in an extra code that you get through your phone/email or app (such as Google Authenticator) whenever logging in on an unfamiliar device. You should use two-factor authentication (2FA) whenever it is available to safeguard from hackers.
Use a Different Password for Each Account
Using the same password for every account might make it easier for you to memorize, but it also makes it easier for a hacker to gain access to ALL of your information. Diversify your passwords across accounts to ensure your info is secure.
Use a Password Manager
A password manager will store all your passwords for you, and even create unique, strong passwords for each account you have. You only have to memorize one master password, and you’re more secure than before. Awesome, right?
You should look into multiple options before deciding what’s best for you.
The University does not endorse any particular password manager.
Don’t Use Common Terms
Names, addresses and dictionary words are easily guessable by hackers. You might think that your dog’s name and your street address number are a clever combo, but it’s something a hacker would look for.
You should also avoid sequences like “12345” or “qwerty,” as they are common and easy to guess.
Test Your Password
Ensure your password is strong by putting it through an online testing tool.