Tips on creating good passwords

How to change your password on the EE servers

  1. Using SSH, log into geek.nmt.edu
  2. Type "passwd"
  3. Follow the prompts
Why good passwords are important

Your password is your only line of defense from the outside world. Anyone who kows it, can guess it or can figure it out, has access to your entire user account. This includes reading email, deleting or modifying that users files, performing illegal activites and so on.

Beyond that risk, those clever enough to access your account will be one step closer to hacking deeper into the EE network. The easiest way for a hacker to gain access to a server is first to enter as a normal user and then try to gain access to higher levels of that server or other networked servers. By having all users maintain good passwords, the servers first line of defense is strengthened. In other words, having a good password not only safe guards your account but all other user accounts as well.

What makes a bad password

  • Names
    • of yourself, including nicknames
    • of your spouse or significant other, of your parents, children, siblings, pets, or other family members
    • of fictional characters, especially ones from fantasy or sci-fi stories, video games, etc.
    • of any place or proper noun (including celebriies)
    • of computers or computer systems
  • Numbers, including
    • your phone number
    • your social security number
    • anyones birthday
    • your drivers licence number or licence plate
    • your room number or address
    • any common number like 3.1415926 or 1.618034
    • any series such as 1248163264
  • Any username in any form, including
    • capitalized (Johndoe)
    • doubled (johndoejohndoe)
    • reversed (eodnhoj)
    • reflected (johndoeodnhoj)
    • transpose (j0hnd03)
    • with words, numbers or symbols appended (johndoe!, 3johndoe, johndoecat).
  • Any word in any dictionary in any language in any form.
  • Any word you think is not in a dictionary, including
    • any slang word or obscenity
    • any technical term or jargon
  • Simple patterns, including
    • passwords of all the same letter
    • simple keyboard patterns (qwerty, asdfjkl)
    • anything that someone might easily recognize if they see you typing it
  • Any object that is in your field of vision at your workstation
  • Any password that you have used in the past
  • A password from a site designed to help others create good passwords.
What makes a good password
  • Use a non-ordinary word or phrase.
  • Use at least one lowercase letter, uppercase letter, number and symbol.
  • Create passwords from simple phrases (Ihv8p$wd = I have a password).
  • Use a minimum of 8 characters (any more than 16 characters is not practical).
  • Changing it every 6 months or so.
Bad and good passwords and why

Bad Passwords
crystal Dicrionary word
Crystal Dicrionary word w/capitals
crystal9 Dicrionary word w/number
crystal! Dicrionary word w/character
cry$tal Dicrionary word w/normally changed letters
latsyrc Dicrionary word backwards
Jessica Name or place
dogcat Two dictionary words
dog3cat Two dictionary word w/number
12345678 All numbers
 
Good Passwords(each is better that the previous)
CRysTaL Dictionary word w/ramdon CAPS
cry#stal Dictionary word w/character(s) breaking up the word
conpuuter Dictionary word w/several modifications (computer)
Ihv8p$wd Phrase (I have a password)
Ihav8p$$wdd Longer more complicated phrase (I have a password)
ford-V8-351-2v 14 characters and created from popular Ford engine
6q3mpaG\ip8ef~3* 16 characters long using all types of random letters, numbers and characters


 
Last Updated: September 10, 2006