Fix Your Passwords

Password Guidelines:

  • Make your passwords long — preferably more than 15 characters, but at least 8.  Do not use someone's name, nor any single word found in a dictionary. It may help to put a symbol (i.e., !@#$%^&*(), etc.), and/or a number in it, but most importantly, make it long.

  • Remember:  If it's in the dictionary, don't use it!  Hackers use a "dictionary attack" program — automatically trying every word in the dictionary, and every combination under 8 characters (including numbers), until they break in.

  • As long as the web site or program allows long passwords, pick three or four random common words, and string them together with no spaces between them, such as correcthorsebatterystaple

  • As another approach, think of a sentence or phrase that you know, and others don't, and then make a long acronym out of it.  For example, "Mama don't allow no guitar playin' around here" becomes mdangpah.
  • If the web site or program requires a capital letter, number, or symbol, go ahead and put it in an easily-remembered place.  Remember, length counts more than complexity.
  • BAD passwords look like fido, paris, sally, <your car license number>, <your sweetheart's name>, <your birthday>, etc.
  • You could also keep your passwords in a password-encrypted Excel spreadsheet (of course, if you forget that password, you're sunk!) .