One of the best methods for generating a password is to do the following:
- Make up a sentence you can easily remember. Some examples:
Now take the first letter of every word in the sentence, and include the punctuation. You can throw in extra punctuation, or turn numbers into digits for variety. The above sentences would become:
- I have two kids: Jack and Jill.
- I like to eat Ben & Jerry's ice cream.
- No, the capital of New Jersey isn't Glassboro!
As you can see, the passwords generated by this method can be fairly secure, but are easy to remember if the sentence you pick is one that is easy for you to remember.
(Please don't use one of the sentences above to generate your password.)
This is a link to a video that goes over another good password creation scheme - http://www.youtube.com/watch?v=COU5T-Wafa4
- Do not choose a password based upon personal data like your name, your username, birthday or other information that one could easily be discovered about you.
- Do not choose a password that is a word (English or otherwise), proper name, name of a TV shows, or anything else that would be contained in a dictionary. Hackers will launch a “dictionary attack” by passing every word in a dictionary (which can contain foreign languages as well as the entire English language) to a login program in the hope that it will eventually match the correct password. The programs which perform dictionary attacks are often capable of trying simple permutations on dictionary words as well (such as trying them backwards).
- Do not choose a password that is a simple transformation of a word, such as putting a punctuation mark at the beginning or end of a word, converting the letter "l" to the digit "1", writing a word backwards, etc. For example, "password,123" is not a good password, since adding ",123" is a common, simple transformation of a word.
- Do not choose passwords less than 8 characters long and that that are made up solely of numbers or letters. Use letters of different cases, mixtures of digits and letters, and/or non-alphanumeric characters.
You should avoid writing down your password. You should especially avoid writing it down and leaving it in a non-secured place such as on a post-it on your monitor or a piece of paper in your desk. If you absolutely must write something down, we suggest doing the following:
- Don't write down the entire password, but rather a hint that would allow you (but nobody else) to reconstruct it.
- Keep whatever is written down in your wallet or other place that only you have access to.
Finally, and most importantly, NEVER tell anyone your password or send it in an email. Many scams use fake warnings to trick people into sending or submitting their passwords to them. No legitimate company or financial institution will EVER ask you to submit sensitive personal information through an e-mail or a link in an e-mail. No one in Information Resources at Rowan will ever ask you to send them your password. Please protect your information as much as you would protect your bank account.