Tips on Creating Strong Passwords

Your password is your only line of defense from the outside world. Anyone who kows it, can guess it or can figure it out, has access to your entire user account. This includes reading email, deleting or modifying that users files, performing illegal activites and so on.

Beyond that risk, those clever enough to access your account will be one step closer to hacking deeper into the EE network. The easiest way for a hacker to gain access to a server is first to enter as a normal user and then try to gain access to higher levels of that server or other networked servers. By having all users maintain good passwords, the servers first line of defense is strengthened. In other words, having a good password not only safe guards your account but all other user accounts as well.

How to change your password on the EE servers
  1. Using SSH, log into
  2. Type "passwd"
  3. Follow the prompts
What makes a bad password
  • Names
    • of yourself, including nicknames
    • of your spouse or significant other, of your parents, children, siblings, pets, or other family members
    • of fictional characters, especially ones from fantasy or sci-fi stories, video games, etc.
    • of any place or proper noun (including celebriies)
    • of computers or computer systems
  • Numbers, including
    • your phone number
    • your social security number
    • anyones birthday
    • your drivers licence number or licence plate
    • your room number or address
    • any common number like 3.1415926 or 1.618034
    • any series such as 1248163264
  • Any username in any form, including
    • capitalized (Johndoe)
    • doubled (johndoejohndoe)
    • reversed (eodnhoj)
    • reflected (johndoeodnhoj)
    • transpose (j0hnd03)
    • with words, numbers or symbols appended (johndoe!, 3johndoe, johndoecat).
  • Any single word in any dictionary in any language in any form.
  • Any single word you think is not in a dictionary, including
    • any slang word or obscenity
    • any technical term or jargon
  • Simple patterns, including
    • passwords of all the same letter
    • simple keyboard patterns (qwerty, asdfjkl)
    • anything that someone might easily recognize if they see you typing it
  • Any object that is in your field of vision at your workstation
  • Any password that you have used in the past
  • A password from a site designed to help others create good passwords.
What makes a good password
  • Use a non-ordinary word or phrase.
  • Use at least one lowercase letter, uppercase letter, number and symbol.
  • Create passwords from simple phrases (Ihv8p$wd = I have a password).
  • Create passwords from phrases constructed from unrelated words (InsanePassOGeek)
  • Use a minimum of 8 characters (any more than 16 characters is not practical).
  • Changing it every 6 months or so.

Bad and good passwords and why

Bad Passwords

    crystal (Dicrionary word)
    Crystal (Dicrionary word w/capitals)
    crystal9 (Dicrionary word w/number)
    crystal! (Dicrionary word w/character)
    cry$tal (Dicrionary word w/normally changed letters)
    latsyrc (Dicrionary word backwards)
    Jessica (Name or place)
    dogcat (Two dictionary words)
    dog3cat (Two dictionary word w/number)
    12345678 (All numbers)

Good Passwords (each is better that the previous)

    CRysTaL (Dictionary word w/ramdon CAPS)
    cry#stal (Dictionary word w/character(s) breaking up the word)
    conpuuter (Dictionary word w/several modifications "computer")
    Ihv8p$wd (Phrase "I have a password")
    Ihav8p$$wdd (Longer more complicated phrase "I have a password")
    ford-V8-351-2v (14 characters and created from popular Ford engine)
    6q3mpaG\ip8ef~3* (16 characters long using all types of random letters, numbers and characters)
    IHasGreatestPassDaddyOfNorthIreland! (36 characters long using many unrelated words in a phrase)