Protecting Data - Building Block #1: Use strong passwords
Computers and mobile devices "out of the box" are inherently insecure. To protect them and the information each device holds, we each need to build a defensive wall made up of a series of "building blocks." One of the most important and easiest building blocks is to protect each device with strong, difficult-to-guess passwords.
- Don't share your password. Anyone who knows your password can see and do whatever you can, and can share it with someone else.
Create a difficult-to-guess password; they are harder to crack:
- at least 8 characters
- use a mix of letters, numbers, and symbols
- avoid using a single word, in any language
- avoid obvious sequences (e.g., 123qwerty, abcd1234)
- avoid simple alterations of common words (e.g., p@ssw0rd)
- never use a 'blank', default, or initial value password
- consider phrase passwords, for example, “I am one happy person at Princeton University!” would be “Im1hp@PU!”
- do not use example passwords in public documents, including “Im1hp@PU!”
- Use unique 'username' and password combinations for each of your accounts.
- Regulary change your password to limit the time a hacker has to discover it. You can change your password at www.princeton.edu/changepassword, or from the OIT website.
- Avoid writing passwords down. If you must, mask it: keep the paper in a safe place and don't include related data (e.g., ID, site name).
- If you use password management software to keep your passwords in an encrypted, password-protected file, be sure to check with your IT support person or the OIT Help Desk at (609) 258-HELP to ensure the product provides appropriate security controls.
For this and other 'building blocks' to safe computing, see "Security 101: The Building Blocks of Safe Computing."