Creating a Good Password

---

We may not like to think about it often, but security is an important thing for anyone to consider in this digital age. Your password is your key into a number of places that store personal and/or confidential data important to your life and your job. Below are some pointers on creating a good password that is easy to remember but hard for someone else to guess.

How to Make a Good Password

Use an Anagram Start with a phrase that is common and familiar to you Use the first letter of each word to create your password Use or add a number in place of a letter in the password to make it more secure

A Sitch in Time Saves Nine = A Stitch in Time Saves Nine = ASiTSN or ASiTS9

Encode a Word or Phrase Take a word or a couple of words or syllables and combine them into something easy for you to remember Mix letters from two short words to make a complex password

Good for Us = goo4Us or icon = eyeC0n or cat dog = cdaotg

Some General Rules

1. Don't give out your password.
2. Do not give out your password.
3. Make your password easy for you to remember so you don't have to write it down.
4. Don't use the same password here that you use anywhere on the internet!
5. Longer passwords are better than short passwords. (Fewer letters are easier to guess.)
6. Include both upper and lower-case letters, and some non-alphabetic characters, like number and/or punctuation marks.

Bad Things
There are also some password "thou-shalt-not's." We really really discourage passwords that do any of the stuff below:

• Do NOT use a word that's in the dictionary. Do not use people's names or place names either. Do not use a foreign word. There are some long dictionaries out there.
• Do NOT use any information about yourself, like your first name, last name, spouse's name, ATM card number, dog's name, phone number, birthday, and so on. Nothing personal. You're creating a key, not a welcome mat.
• Do NOT use fictional character names. Do not use names of wizards, or heroes, or dragons. Do not use secret strings from computer games.
• Do NOT use simple keyboard patterns: all one letter, or letters in a row.
• And do not use a bad password spelled backwords or with a single digit stuck on the end. It's still bad.

Guessing your password: The numbers game
Here's why your password should not be a word in any sort of dictionary:

According to O'Reilly, if you combine dictionaries from 10 major languages, plus those words reversed, capitalized, and with a trailing digit appended, you still have less than 5 million words. Toss in a few thousand first names, last names, place names, and fictional characters and you have an awfully complete list for a hacking program to run through.

But that list represents less than .0000000012% of the possible passwords you could actually pick. So don't make it easy by picking one of them.

Here's why your password should be long. There are approximately 450,000 4-character strings from aaaa to zzzz. At a guessing rate of 1 password per second, it would take a computer about 5 days to run through all the possibilities. If you're password is 7 characters, even if it doesn't include a punctuation character or an upper case character or a digit as it ought to, there are over 8 billion possibilities. A major computer could run through all of them, but we're not worried about people with supercomputers. A computer running at 1 password per second would take 250 years to try all possibilities.

So make your password at least 6 characters, don't make it a word that might be in any on-line dictionary somewhere. And put in a few funny characters, or an upper case letter as well. Thanks for your help.