Difference between revisions of "Rules for Creating Passwords"
Jump to navigation
Jump to search
m |
(Replaced dead link with link to CIT password generation recipe.) |
||
(6 intermediate revisions by 4 users not shown) | |||
Line 9: | Line 9: | ||
:::- special characters (for example, !, $, #, %) | :::- special characters (for example, !, $, #, %) | ||
:::- digits (0 through 9) | :::- digits (0 through 9) | ||
− | :*Do not use a space in a password | + | :*Do not use a space in a password. Though technically allowed, it may be a source of confusion. |
:*Do not form a password by appending a digit to a word--this type of password is easily guessed. | :*Do not form a password by appending a digit to a word--this type of password is easily guessed. | ||
:*Each password must differ from the user's login name and any permutation of that login name. For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent. | :*Each password must differ from the user's login name and any permutation of that login name. For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent. | ||
:*New passwords should differ from the old by at least three characters. | :*New passwords should differ from the old by at least three characters. | ||
− | If you need additional ideas for creating a new password, [ | + | If you need additional ideas for creating a new password, [https://it.cornell.edu/password-mgmt-device-security-security-and-policy/strong-passwords-your-computer-netid-and-other#section-5 Cornell IT has a password generation recipe.] |
Latest revision as of 14:46, 13 October 2021
Do not share your password. Each user should be the only one to know the password for his or her account. Well-chosen passwords are essential to preserve the integrity of the system and individual user accounts. Never leave your password in plain text (unencrypted) in any of your files. Passwords stored in this way are easily stolen.
When you change your password, the new password must comply with our password complexity policy:
- Each password must have at least eight characters.
- Each password must contain at least three of the following four elements among its first eight characters:
- - uppercase letters (English, A through Z)
- - lowercase letters (English, a through z)
- - special characters (for example, !, $, #, %)
- - digits (0 through 9)
- Do not use a space in a password. Though technically allowed, it may be a source of confusion.
- Do not form a password by appending a digit to a word--this type of password is easily guessed.
- Each password must differ from the user's login name and any permutation of that login name. For comparison purposes, an upper case letter and its corresponding lower case letter are equivalent.
- New passwords should differ from the old by at least three characters.
If you need additional ideas for creating a new password, Cornell IT has a password generation recipe.