Wednesday, March 1, 2017

Roast Beef is Shiny - Tips for Creating Passwords

During the first week or so of Semester, a lot of new students come to the InfoHelp desk to try to set a password.

We have rules for passwords, and if your password does not match those requirements, our systems won't let you use it.

Additionally, Microsoft (who runs our email accounts) is *really* strict with passwords.  Our systems will let you get away with a password that passes 90% of the rules, but Microsoft won't like it at all - this means you'll be able to access systems like LearnJCU, but you won't be able to get into your email.

So here's some advice on picking a good password:

  1. Make it memorable.  Forgetting your password doesn't help.  A word, name or phrase that means something to you or will stick in your head is a good place to start.
  2. Make sure you have at least 8 characters (no more than 16).
  3. Include at least one capital letter, at least one lowercase letter and at least one number - you need at least one of each for a valid password.  Adding a symbol or punctuation mark is also good, but check the rules for some symbols you can't use.
  4. Don't use your name, or your username - or part of your name or username.  If you have several letters in a row that matches your name, Microsoft will hate that.  It also hates some words, so avoid using a straight-up dictionary word.
  5. Don't use Password, qwerty123 or anything like this.  It's just really bad, and Microsoft will definitely reject it.
  6. Keep a copy of your password somewhere for future reference, but don't carry it with you and don't share it with anyone.  If you make your password memorable, then you can keep a reminder with you.
Take this for an example password:  R0astB33f1sSh1ny

It's a bit long (you don't need one that long), but I'll remember it because it's a phrase that will stick in my head - "roast beef is shiny".

The first letter of every word is a capital, and I've made some of the letters numbers.  In my phone, I can put in a note that will remind me of my password, but not reveal it to anyone.
Username: jcXXXXXX
Password: What is shiny?
And because it looks like a random collection of letters and numbers, our systems will love it and it will be hard for someone else to guess.

No comments: