Skip to main content
- Change all default passwords. These include any passwords for initial login set by the vendor, or set by computing staff.
- Change all null (blank) passwords. Each system that can use a password should not be left with with an unset password.
- Use a strong password. A strong password contains the following items:
- Required to be at least 15 characters long
- Recommend including upper and lowercase letters
- Recommend including at least one number and special character
- Change passwords as needed. If a password does not follow this policy, change it, or if it is suspected compromised.
- Do not write down passwords in a public space (e.g. no sticky note under the keyboard).
- Use a passphrase instead of a password. This will make it complex and easy to remember.
- Pick a song lyric, saying, or quote that you'll remember, like "We all live in a yellow submarine".
- Change it slightly in a way you'll remember, like "We all live in a purple submarine".
- Add mispellings to cofnuse dictioanry atacks.
- Add numbers and punctuation, like "We all live in 5 purple submarines,".
- Now you have a 35 character password that is unique, complex and easy to remember.
