Weak passwords can open a door into most aspects of your life — allowing con artists access to everything from your university pay stub to your iTunes and bank accounts.

A strong password is one of the keys to protecting yourself. You should make passwords that are easy to remember but hard to crack.


Create a strong password

Use a mix of letters, capital letters, numbers, and symbols (if the system allows).

Make it long: use a minimum of eight characters, but more than 15 is best.


Strategies for creating a password

The Internet is full of tips for creating a strong password. Here are a couple to get you started:

1. Start with a passphrase — a song lyric, a quote, etc. Make an acronym using the first or last letters of the phrase. Then insert capital letters, and substitute letters with symbols and numbers. Avoid obvious substitutions like 1 for L, or 0 for 0. Use numbers and symbols in the middle, not at the ends.

Song lyric: “and on that farm he had a cow”

First letters: aotfhhac

Capitals, symbols and letters inserted: aOtF##AC

2. Choose two random unrelated words and insert capital letters, symbols and numbers

E.g. BEYONCERADISH (bEy0nceR@diSh)

3. Deliberately misspell a term or phrase and insert capital letters, symbols and numbers

TAYKITEEZIE (take it easy)


Don't use:

  • Easily accessible personal information (e.g. phone numbers, important dates like your birthday, your name or your children's names)

  • common words (e.g. “password”)

  • easy keyboard/keypad combinations e.g. qwerty1234


Protect your password

1. Never share your work password, even with a trusted colleague. When you share your password, you give that individual free access to your personal data (including direct deposit and salary information), your email, and your personal files on the university network. Even though you might be careful with your passwords, the people you share them with might not be.

2. Change passwords often.

3. Don’t reuse passwords.

4. Use a different password for each of your major accounts, so that someone who finds out one of your passwords won't know them all. Sounds like a lot to remember, right? You can try:

  • Using a strong core password and customizing it:

  • Adding the first and last letter of the site you are on to the beginning and end of the core password. So, the core password “a0tF#h@C” would look like this: “ea0tF#h@Cy” on eBay and like this “ia0tF#h@Cm” on Instagram.

  • Or, adding the last letter of the name of the site and the number of letters in the site name to the beginning of the core password. The “a0tF#h@C” core password for Twitter would look like this: “t7a0tF#h@C”

  • Using a password management tool like LastPass, DashLane or 1Password. These will store your passwords, so all you only have to really remember the password for the password tool.

5. Do not write your password down. You may be surprised at the number of computer monitors across campus that have sticky notes with passwords written on them.

IT Security Icon Illustration

Don't get hooked by the phish

If you are worried that you have been a victim of a phishing scam or any other security breach, contact us for information. Don't be afraid to notify Tech Support about any breach of security or with any questions.