
Password Practices

A Guide To Better Password Practices

  • Make them long.  Longer passwords are obviously harder to crack. Make sure you're consistently exceeding the minimum length requirement on passwords that you pick.

  • Incorporate special characters.  Use non-alphabetic characters (!@?_) and numbers, when possible.

  • Use a pseudo-random password.  This is one of the easiest methods to remember and one of the hardest to crack. The actual password is generated from an easy-to-remember phrase or sentence that is important to the user. The phrase can be words from a book that you like, a song that you easily remember, or a statement that you will never forget. The key to a successful password is to create a phrase that is easy for you to remember, but that no one else would ever think of attributing to you.  Examples:

    • I drive a 1972 Volkswagen!  =  IDA72VW!

    • Living At Home Since 1972 Saving Money  =  L@HS72S$

    • Four score and seven years ago our fathers brought forth  =  Fs&7yaofbF

    • Twinkle, twinkle, little star how I wonder what you are  =  TtlsH1WwuA

  • Don't use the same password for everything.  If someone successfully cracks one password, it'll be the first password he guesses for the rest of your applications.  Make sure you're using several different passwords to prevent this from happening.

    • You should never reuse the same password in both public and private applications, but sometimes creating a different password for every website and every application can be a problem.  If you can’t do this, consider this tip to reduce the number of passwords while still maintaining a level of logical separation.

      • Group sites and applications into different categories, such as:

        • Private - online banking

        • Personal - email accounts

        • Public - social networking

        • Business - corporate email, web, and VPN access

      • Create a password for each category.  This control limits the impact if one of the passwords is compromised.

  • Change passwords often.  Switching passwords a couple of times a year makes it even more difficult for your account to be hacked.
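
The script below is an added example, not part of the original guide. It checks passwords against the length and special-character tips and reports any password shared across the Private/Personal/Public/Business categories. The minimum length of 8, the site names, and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import string
from collections import defaultdict

ASSUMED_MIN_LENGTH = 8  # assumption: the guide names no specific minimum


def check_password(password, min_length=ASSUMED_MIN_LENGTH):
    """Findings for one password against the length and character tips."""
    findings = []
    if len(password) <= min_length:  # the guide says to exceed the minimum
        findings.append("does not exceed minimum length")
    if not any(c.isdigit() for c in password):
        findings.append("no numbers")
    if not any(c in string.punctuation for c in password):
        findings.append("no special characters")
    return findings


def fingerprint(password, key):
    """Keyed hash so passwords can be compared without keeping them around."""
    return hmac.new(key, password.encode("utf-8"), hashlib.sha256).hexdigest()


def cross_category_reuse(accounts, key):
    """Return sorted category lists for each password used in 2+ categories."""
    categories = defaultdict(set)
    for _site, category, password in accounts:
        categories[fingerprint(password, key)].add(category)
    return sorted(sorted(c) for c in categories.values() if len(c) > 1)


# Constructed inventory: site names are placeholders, passwords are the
# guide's own examples.
SAMPLE_ACCOUNTS = [
    ("bank.example", "Private", "Fs&7yaofbF"),
    ("mail.example", "Personal", "L@HS72S$"),
    ("social.example", "Public", "L@HS72S$"),    # reused across categories
    ("forum.example", "Public", "TtlsH1WwuA"),
    ("photos.example", "Public", "TtlsH1WwuA"),  # same category: allowed by the tip
    ("vpn.example", "Business", "IDA72VW!"),
]

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # per-run key; fingerprints are never stored
    for site, _category, password in SAMPLE_ACCOUNTS:
        print(site, check_password(password) or "ok")
    print("reused across categories:", cross_category_reuse(SAMPLE_ACCOUNTS, key))
```

Reuse inside a single category is not reported, since the tip allows one password per category; only a password that crosses categories breaks the separation.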