Security

Creating Strong Passwords

Password Requirements
The following rules for stronger passwords are currently enforced for Parnassus, Homer Admin and e-mail, but are recommended for all other systems as well. The password rules are as follows:

  • Must be at least 8 characters, but not more than 16 characters (16-character maximum only applies to Netpass)
  • Must consist of a combination of letters, numbers and one or more of these special characters: ! (exclamation point), % (percent sign), * (asterisk), + (plus sign), - (dash or minus sign), ? (question mark), _ (underscore)
  • Cannot contain the user name for that system 
  • Cannot be a password that has been used within the last 18 months

The sections below suggest various methods for creating secure passwords that are fairly easy to remember.

Favorite Lyrics/Phrases/Sentences
Think of a song title, phrase, or sentence that is easy to remember.  Using the example "Stairway to Heaven", by Led Zeppelin, the first line of that song is "There's a lady who's sure all that glitters is gold."  Take the first letter of each word to get Talwsatgig.  Add a number and special character to create an acceptable password.

Combine Small Words
A combination of small common words with a special character and number mixed in makes a secure password that is easier to remember.

Character Replacement
In this method, one or more letters are replaced with a similar-looking number or special character. For example, Apple becomes 4pp!e, Gleam becomes 6!eam, or razzle becomes ra22!e. However, character replacement is not any more secure, because modern password-cracking applications can recognize and use character substitution. Please see this link for more information: http://optimwise.com/passwords-with-simple-character-substitution-are-weak/
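
The password rules and the character-replacement caveat above, as an added example (not code from this page or from the systems it names): a Python checker that also undoes the substitutions shown above before looking for the user name. Assumptions: the function names are hypothetical, old passwords are stored as (salt, PBKDF2 digest, last-used date) tuples, 18 months is approximated as 548 days, and the substitution map covers only the page's three examples.

```python
import hashlib
import hmac
from datetime import date, timedelta

SPECIALS = set("!%*+-?_")                 # special characters listed in the rules
UNLEET = str.maketrans("4!62", "algz")    # from the examples: 4pp!e, 6!eam, ra22!e

def digest_password(password, salt):
    # Assumed storage format for old passwords: salted PBKDF2-HMAC-SHA256.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(password, username, history=(), today=None, netpass=False):
    """Return a list of rule violations; an empty list means the password passes.

    history: iterable of (salt, digest, last_used) for earlier passwords (assumed).
    """
    today = today or date.today()
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if netpass and len(password) > 16:
        problems.append("longer than 16 characters (Netpass)")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in SPECIALS for c in password):
        problems.append("no special character from ! % * + - ? _")
    # Check the raw and the de-substituted form, so "4pp!e" still matches "apple".
    lowered = password.lower()
    name = username.lower()
    if name and (name in lowered or name in lowered.translate(UNLEET)):
        problems.append("contains the user name")
    cutoff = today - timedelta(days=548)   # 18 months, approximated
    for salt, digest, last_used in history:
        same = hmac.compare_digest(digest_password(password, salt), digest)
        if last_used >= cutoff and same:
            problems.append("used within the last 18 months")
            break
    return problems
```
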

What NOT to Do

  • DO NOT share passwords with co-workers, friends, or relatives.
  • DO NOT write passwords on a sticky note, notepad, or anything stored in or around monitors or desks.
  • DO NOT store passwords in unencrypted or plain text files on a computer.
  • DO NOT let others watch a password as it is typed.