No matter how many walls are placed around your machine, there is
always a key for complete access: your password. There are countless
programs that attempt to determine passwords, both by guessing common
ones and by randomly generating possibilities and trying them all, or
a combination of the two.
The best defense is a "strong password". A strong password is a
combination of numbers, uppercase letters, lowercase letters, and, if
possible, other characters. This makes the password nearly impossible
to guess in a reasonable amount of time, and ensures that all the hard
work you put into keeping your machine well-defended does not go to
waste. The longer the password, the harder it is to guess.
Of course, as passwords get closer to random numbers and letters,
they also get harder to remember. That doesn't mean that you have to
fall back on a weaker password, though. You can m15peLL w0Rdz
intentionally, or use a mnemonic device like a strong passphrase. Be
sure to read the Microsoft article below for some very useful advice
on this subject.
Always be sure to change your password if you think that there's a
chance that someone else has seen it.
Guidelines for Creating Strong Passwords
What is a Strong Password?
A strong password is designed to be complex and therefore difficult to guess or crack. To be sufficiently complex, it must:
- be 8 characters or longer,
- use a combination of upper and lower case letters, and
- include at least one numeric and/or special character (&, ?, @, etc.), punctuation, and spaces.
A pass-phrase or sentence is a very secure way of creating passwords that are both hard for others to crack and easy to remember by you.
Other Important Password-Related Guidelines
- Your account is your responsibility. Do not share your password with others, including technicians. CUIT staff will never ask for your password.
- Do not base your password on personal information that someone who knows you may be able to guess.
- Do not use your user ID (UNI) or your name/department name as your password
- Do not use your University ID (UNI) and password for access to third-party systems (e.g., online shopping, newspapers, travel websites)
- Avoid letting software save or store your passwords. Besides increasing the chance that someone will be able to access data on your computer or personal information, you are more likely to forget the password if you do not type it in regularly.
- Make sure you always log out of programs or web sites and close browser when you are done working with them, especially on public computers.
- Protect your passwords and treat them as valuables.
Protecting Your Password
Choosing a Windows Password
Choosing an OS X Password
Managing Your Columbia UNI and Password
Microsoft's Guide to Creating Stronger Passwords
To reach this page quickly in the future, use the keyword passwords.
Send reports of security incidents, attacks, or questions to firstname.lastname@example.org