How To Choose a Password
Your passwords are the keys to many computers, from a bank
machine to a multiuser mainframe to a server on a network. Your
password helps to prove that you are who you say you are, and
ensures your privacy.
Compromised passwords are the means by which most unauthorized
(and unscrupulous) people gain access to a system. Someone logging
on under your name has access not only to your computer files, but
to most of the facilities of the computer system. Since tampering
can have far-reaching and serious consequences, it's important to
take to heart the following guidelines for choosing a
- Something easy for you to remember with at least six characters.
- Something obscure. For instance, you might deliberately misspell a term or use an odd character in an otherwise familiar term, such as "phnybon" instead of "funnybone." Or use a combination of two unrelated words or a combination of letters and numbers.
- A combination of letters and numbers, or a phrase like "many colors" and then use only the consonants "mnYc0l0rz."
- An acronym for your favorite saying, for example, "L!isn!" (Live! It's Saturday Night!)
- Your name in any form - first, middle, last, maiden, spelled backwards, nickname or initials.
- Your userid or your userid spelled backwards.
- Part of your userid or name.
- Any common name, such as Joe.
- The name of a close relative, friend, or pet.
- Your phone or office number, address, birthday, or anniversary.
- Your license-plate number, your social-security number, or any all numeral password.
- Names from popular culture, e.g., spock, sleepy.
- Any word in a dictionary.
- Passwords of fewer than four characters.
Mum's the Word
Never tell anyone your password -- not even your system administrator or account manager -- and don't write it down. Make sure you have chosen a password that you can remember. And, finally, change your password at regular intervals
Reprinted from i/s, Vol. 4, No. 9,
May 1989. Revised March 1993.
Copyright C 1993 MIT Information Systems