Guidelines for Selecting Good Passwords
Your WCU password must be a minimum of 12 characters in length. The system remembers the last 24 passwords you have used and you cannot include your username or real name in the password. Passwords do not expire. Here are some helpful password tips:
- Consider using pass-phrases instead of passwords (see notes below regarding pass-phrases).
- Good passwords are passwords that are difficult to guess, consider passwords that contain letters, numbers and/or symbols.
- Using mixed case password is an excellent method of creating a strong password.
- Never share passwords. Do not give your password during training session or over the phone to support personnel.
- Do not write down your passwords.
- In general good passwords:
- Have both upper and lower case letters
- Have digits and/or symbols as well as letters
- Are easy to remember, so they are not written down
- Are at least twelve characters in length
- If you have passwords on multiple accounts, it is very tempting to have the same password for all accounts. However if one of accounts is compromised, all accounts are compromised. A common approach is to add a suffix to the base password for each different account.
Choosing a Pass-Phrase
One of the easiest to remember and hardest to crack password methods is the pseudo-random password. The actual password is generated from an easy to remember pass-phrase that is important to the user. This phrase can be the words from a book that you particularly like, words from a song that you always remember with ease, a statement that some powerful figure made that you will NEVER forget. This is the key. It is a phrase that is easy for you but no one else will ever think about attributing to you.
- A Pass-Phrase could be: "My Partner's Birthday Is April(4) Twenty Fifth Nineteen Sixty six(6)"
The associated password would be: mpbi4tfns6
- Another Pass-Phrase example might be: "Four score and seven years ago our fathers brought..."
The associated password would be: foscanseyeag
Arrived at by choosing the first 2 letters from each word until a total of twelve characters resulted)
- Or, one could also Pass-Phrase: "It was a dark and stormy night".
It's easy for you to figure it out but it's a nightmare for a password cracker. The idea in this method is not that the password itself is easy to remember but that the process that you go through to arrive at it is so simple that you find yourself re-creating the same password with the process without even thinking about it.
When the time comes to change passwords, you have a number of options. You can change your pass phrase and re-process or you can keep the same phrase and change the order of the characters that you choose from it (take every second and fourth letter). It really doesn't matter -- what does matter is that you come up with very strong passwords that you can either remember or re-create on demand with little effort.