A while back I facilitated a number of environment, health & safety (EHS) software training sessions. Some of the trainees, mostly what I would call occasional users, needed instruction in computer fundamentals, including how to set a secure password. Some rules of thumb for what NOT to use as a password are:
- don’t use your name or parts of it
- don’t use your pet’s name
- don’t use clever passwords like “password123” or “1234567”
- don’t use your social security number, phone number or address
- don’t use common words
- don’t use the same password for multiple applications and/or Internet sites
… and the list goes on… When I mentioned rule no. 2, above, one of the trainees said, “Gee, now I have to change my password!”
A “strong” password is eight or more characters long and contains three or more of the following elements:
- upper case letters (CAPITALS)
- lower case letters
- numbers
- special characters (e.g., $, #, ?, %, !)
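Both lists above can be checked together in a few lines of Python. This is an added example, not part of the original post; the function names, the tiny `COMMON_WORDS` list and the sample passwords are constructed for illustration. It shows why the "strong" test alone is not enough: "Password123!" is long enough and has all four element types, yet it still breaks the common-word rule.

```python
import re

# Constructed sample deny-list (an assumption); a real one would be far larger.
COMMON_WORDS = ("password", "welcome", "letmein", "qwerty", "admin")

def normalize(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def char_classes(pw):
    """Return which of the four element types from the list above pw contains."""
    found = set()
    if any(c.isupper() for c in pw):
        found.add("upper")
    if any(c.islower() for c in pw):
        found.add("lower")
    if any(c.isdigit() for c in pw):
        found.add("digit")
    if any(not c.isalnum() for c in pw):
        found.add("special")
    return found

def check_password(pw, personal=(), previous=()):
    """Return the list of rules pw breaks; an empty list means it passes.

    personal: name parts, pet name, phone number, address (hypothetical inputs)
    previous: passwords the user already uses for other applications or sites
    """
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if len(char_classes(pw)) < 3:
        problems.append("fewer than 3 element types")
    flat = normalize(pw)
    for word in COMMON_WORDS:
        if word in flat:
            problems.append(f"contains common word '{word}'")
    for item in personal:
        token = normalize(item)
        # Ignore very short tokens (initials) to avoid rejecting everything.
        if len(token) >= 3 and token in flat:
            problems.append(f"contains personal detail '{item}'")
    if pw in previous:
        problems.append("already used elsewhere")
    return problems

if __name__ == "__main__":
    for pw in ("password123", "Password123!", "Rex2019!", "tR7#mq2Lw"):
        print(pw, check_password(pw, personal=["Rex", "555-0100"]))
```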
Here is a great infographic, How hack-friendly is your password?