Password Security

The first step in good password security is selecting a strong password. Strong passwords have the following characteristics:

  • Are not based on personal information, names of family, etc.
  • Are not a word in any language, slang, dialect, jargon, etc.
  • Are at least eight alphanumeric characters long
  • Have both upper and lower case characters (e.g., a-z, A-Z)
  • Have digits and punctuation characters as well as letters e.g., 0-9, !@#$%^&*()_+|~-=\`{}[]:;’?,./)

 

Western's password requirements are as follows:

 

  • Minimum of 8 characters
  • May not be repeated (history of previous 8 passwords are stored and may not be used)
  • Must meet the following password complexity requirements:
    • Does NOT contain significant portions of the user's account name or full name
    • MUST contain characters from three of the following four categories:
      • English uppercase characters (A through Z)
      • English lowercase characters (a through z)
      • Base 10 digits (0 through 9)
      • Non-alphabetic characters (for example, !, $, #, %)

 

Common password DON'Ts:

  1. Don’t reveal a password over the phone to ANYONE
  2. Don’t reveal a password in an email message
  3. Don’t reveal a password to a friend
  4. Don’t talk about a password in front of others
  5. Don’t hint at the format of a password (e.g., "my family name")
  6. Don’t reveal a password on questionnaires or security forms
  7. Don’t share a password with family members
  8. For employees, don’t reveal a password to co-workers while on vacation
  9. If someone demands a password, refer them to this document or have them call the Information Technology / Computer Services office at 970-943-3123.
  10. Don't write passwords down or store them anywhere in your office.
  11. Do not store passwords in a file on ANY computer system (including Palm Pilots or similar devices) without encryption.

 

Passwords you can remember

Choosing a strong password doesn't need to be a chore. If a password is so complex that it can't be remembered or must be written down, we have defeated our primary goal. Here are some creative ways to make strong passwords that can easily be remembered.

  • Substitute letters with characters and numbers. Don't bother with just replacing "o" with "0". Get creative and you'll have a strong password that's easy to remember.
  • Another method is to use the first letters of the words favorite phrase, song, or poem. "Hail, hail the lucky ones, I refer to those in love" becomes "H,hTL0,IR2t1L." or "You're once, twice, three times a lady." -Lionel Richie (Yr123tmsLdy)
  • Join together one or more words with special characters: wH1te:dog
  • Intentionally misspell a word in your password