Using Strong Passwords
Use strong passwords everywhere.
No matter how many walls are placed around your machine, there is always a key for complete access: your password. There are countless programs that attempt to determine passwords, both by guessing common passwords and by randomly generating possibilities and trying them all, or a combination of the two.
The best defense is a "strong password." A strong password is a combination of numbers, uppercase letters, lowercase letters, and if possible, special characters (for example, !@#$%^&,*). This makes the password nearly impossible to guess in a reasonable amount of time, and ensures that all the hard work you put into keeping your machine well-defended does not go to waste. The longer the password, the harder it is to guess.
Of course, as passwords get closer to random numbers and letters, they also become more difficult to remember. That doesn't mean that you have to choose a weaker password either. You can m15peLL w0Rdz intentionally, or use a mnemonic device like a strong passphrase. Be sure to read the Microsoft article below for some very useful advice on creating strong passwords.
And Remember: If you think there's a chance that someone else has seen your password – make sure you change it immediately.
Guidelines for Creating Strong Passwords
What is a Strong Password?
A strong password is designed to be complex and therefore difficult to guess or crack. Columbia University maintains the following password requirements:
- A password must be between 8 and 64 characters long.
- A password must have at least three of the following:
- Uppercase letter
- Lowercase letter
- Special character
- A password less than 12 characters cannot contain common words or personal identifiers (name and UNI)
- Beginning October 2013, to set a new password, it must be different from the last five that were used.
- Longer passwords (or "passphrases") can be formed using a phrase or sentence. They are easy for you to remember, but difficult for others to guess.
- A short phrase or sentence is often easier to remember.
- If you use a phrase or sentence of at least 12 characters you can use dictionary words.
Other Important Password-Related Guidelines
- Your account is your responsibility. Do not share your passwordwith others, including technicians. CUIT staff will never ask foryour password.
- Do not choose a password that is based on personal information thatsomeone who knows you may be able to guess.
- Do not use your user ID (UNI) or your name/department name as yourpassword
- Do not use your University ID (UNI) and password for access tothird-party systems (e.g., online shopping, newspapers, travelwebsites)
- Avoid letting software save or store your passwords. Not only will youincrease the chance that someone will be able to access data onyour computer or personal information, but you will be more likely toforget the password if you do not type it in regularly.
- Always log out of programs or websites and close your browser(i.e., Internet Explorer, Firefox or Chrome) when you are done working,especially on public computers.
- Protect your passwords and treat them as valuables.
To reach this page quickly in the future, use the keyword passwords.
Reporting Security Problems
Send reports of security incidents, attacks, or questions to email@example.com