Home

 

117 South Street
Farmington, ME 04938
Help Desk: (207) 778-7300
EXCEL Center: (207) 778-7490
FAX: (207) 778-7255
computer.center@umf.maine.edu

 

 

 

Creating a Good Password


We may not like to think about it often, but security is an important thing for anyone to consider in this digital age. Your password is your key into a number of places that store personal and/or confidential data important to your life and your job. Below are some pointers on creating a good password that is easy to remember but hard for someone else to guess.

A Stitch in Time Saves Nine
=
A Stich in Time Saves Nine
=
ASiTSN
or
ASiTS9

How to Make a Good Password

Use an Anagram

  • Start with a phrase that is common and familiar to you
  • Use the first letter of each word to create your password
  • Use or add a number in place of a letter in the password to make it more secure

Encode a Word or Phrase

Good for Us = goo4Us
or
icon = eyeC0n
or
cat dog = cdaotg

  • Take a word or a couple of words or syllables and combine them into something easy for you to remember
  • Mix letters from two short words to make a complex password

Some General Rules

  1. Don’t give out your password.

  2. Do not give out your password.

  3. Make your password easy for you to remember so you don’t have to write it down.
  4. Don’t use the same password here that you use anywhere on the internet!
  5. Longer passwords are better than short passwords. (Fewer letters are easier to guess.)
  6. Include both upper and lower-case letters, and some non-alphabetic characters, like number and/or punctuation marks.


Bad Things

There are also some password “thou-shalt-not’s.” We really really discourage passwords that do any of the stuff below:

  • Do NOT use a word that’s in the dictionary. Do not use people’s names or place names either. Do not use a foreign word. There are some long dictionaries out there.
  • Do NOT use any information about yourself, like your first name, last name, spouse’s name, ATM card number, dog’s name, phone number, birthday, and so on. Nothing personal. You’re creating a key, not a welcome mat.
  • Do NOT use fictional character names. Do not use names of wizards, or heroes, or dragons. Do not use secret strings from computer games.
  • Do NOT use simple keyboard patterns: all one letter, or letters in a row.
  • And do not use a bad password spelled backwords or with a single digit stuck on the end. It’s still bad.


Guessing your password: The numbers game

Here’s why your password should not be a word in any sort of dictionary:

According to O’Reilly, if you combine dictionaries from 10 major languages, plus those words reversed, capitalized, and with a trailing digit appended, you still have less than 5 million words. Toss in a few thousand first names, last names, place names, and fictional characters and you have an awfully complete list for a hacking program to run through.

But that list represents less than .0000000012% of the possible passwords you could actually pick. So don’t make it easy by picking one of them.

Here’s why your password should be long. There are approximately 450,000 4-character strings from aaaa to zzzz. At a guessing rate of 1 password per second, it would take a computer about 5 days to run through all the possibilities. If you’re password is 7 characters, even if it doesn’t include a punctuation character or an upper case character or a digit as it ought to, there are over 8 billion possibilities. A major computer could run through all of them, but we’re not worried about people with supercomputers. A computer running at 1 password per second would take 250 years to try all possibilities.

So make your password at least 6 characters, don’t make it a word that might be in any on-line dictionary somewhere. And put in a few funny characters, or an upper case letter as well. Thanks for your help.