UBC Mathematics: MathNet FAQ [Good passwords]

Question: What is a good password?
Author: Joseph Tam
Date: Sept 25, 2020

Passwords provide the first line of defense against unauthorized access to your private data. A poor password places all your information in jeopardy and undermines the security of our network. Please use a secure password that is not susceptible to guessing and is computationally hard to find by enumerating all possibilities (i.e. brute forcing).

Secure password guidelines

  • Length: your password must be at least 8 characters long, but consider 12 or more characters.
  • Complexity: your password should have at least one character from each of these classes: upper case, lower case, digits, punctuation.
  • Wordlists: avoid passwords found in a wordlist/dictionary of any language. This includes jargon and proper names.
  • Personal identifiers: avoid SINs, telephone numbers, dates, friends/family/pet names, etc.
  • Simple transformations: avoid simple transformations of the above: reversal ("password" => "drowssap"), single digit/punctuation append/prepend ("secret" => "secret!"), homoglyphic substitutions ("password" => "p@ssw0rd").
  • Keyboard sequences: avoid "Qwerty...", "QAZ...", "98765...", etc.
  Never reveal your password: do not give it out when asked by email, and do not enter it into a web form outside our domain.
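
The guidelines above can be checked mechanically. The following is an added example, not part of the original FAQ or of any MathNet tool: the wordlist, the homoglyph map, the keyboard runs and all function names are assumptions made for illustration, and personal identifiers must be supplied by the caller because they differ per user.

```python
import string

# Constructed sample wordlist; a real check would load a full dictionary file.
WORDLIST = {"password", "secret", "baseball", "dragon"}
# Assumed homoglyph map, undone before the wordlist lookup.
HOMOGLYPHS = str.maketrans("@4013$5!7", "aaoiessit")
# Keyboard rows, a walk down the left-hand columns, and the digit row.
KEY_RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "qazwsxedc", "1234567890"]
EXTRA = string.digits + string.punctuation
CLASSES = (string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation)


def base_candidates(pw):
    """Lower-cased forms of pw with the simple transformations undone."""
    low = pw.lower()
    forms = {low}
    # Undo one digit/punctuation character prepended or appended.
    if low and low[0] in EXTRA:
        forms.add(low[1:])
    if low and low[-1] in EXTRA:
        forms.add(low[:-1])
    forms |= {f.translate(HOMOGLYPHS) for f in forms}  # undo "p@ssw0rd"
    forms |= {f[::-1] for f in forms}                  # undo "drowssap"
    return forms


def has_keyboard_run(pw, n=4):
    """True if any n consecutive characters follow a keyboard run, either way."""
    low = pw.lower()
    runs = KEY_RUNS + [r[::-1] for r in KEY_RUNS]
    return any(low[i:i + n] in r for i in range(len(low) - n + 1) for r in runs)


def check_password(pw, personal=()):
    """Return the guidelines pw violates; an empty list means it passes."""
    problems = []
    if len(pw) < 8:
        problems.append("length")
    if not all(any(c in cls for c in pw) for cls in CLASSES):
        problems.append("complexity")
    banned = WORDLIST | {p.lower() for p in personal}
    if base_candidates(pw) & banned:
        problems.append("wordlist")
    if has_keyboard_run(pw):
        problems.append("keyboard")
    return problems
```

An exact-match lookup like this only catches whole-password dictionary hits; it does not detect a dictionary word embedded inside a longer string.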

Example methods for choosing passwords:

  • Use a passphrase: "I won't eat dirt!"
  • Nonsense word: "!grianDor@"
  • Use the 1st or 2nd or last letter of each word in a sentence: "To make dough, use two cups of flour" => "Tmd,u2cof"
  • Combine words in non-obvious ways: "$mix%baseball#"