You have been redirected here, which houses content from our former
website; this content may or may not be current. Our
official website
may have more up-to-date information.
|
UBC Mathematics: MathNet FAQ [Good passwords]
UBC Mathematics: MathNet FAQ [Good passwords]
Question: What is a good password?
Author: Joseph Tam
Date: Sept 25, 2020
|
Passwords provides the first line of defense against unauthorized access to your private
data. A poor password places all your information in jeopardy, and undermines the security
of our network. Please use a secure password that is not susceptible to guessing, and is
computationally hard to find by enumerating all possibilities (i.e. brute forcing).
Secure password guidelines
- Length: your password must be at least 8 characters long, but
consider 12 or more characters.
- Complexity: your password should have at least one character
from each of these classes: upper case, lower case, digits, punctuations.
- Wordlists: avoid passwords found in a wordlist/dictionary of any language.
This would include jargons and proper names.
- Personal identifiers: avoid SINs, telephone numbers, dates,
friends/family/pet names, etc.
- Simple transformations: avoid simple transformations of the above:
reversal ("password"=>"drowssap"), single digit/punctuation
append/prepend ("secret"=>"secret!"), homoglyphic substitutions
("password" => "p@ssw0rd).
- Keyboard sequences: "Qwerty...", "QAZ...", "98765...", etc.
- Never reveal your password: do not give it out when asked
by Email, or into a web form outside our domain (math.ubc.ca)
Example methods for choosing passwords:
- Use a passphrase: "I won't eat dirt!"
- Nonsense word: "!grianDor@"
- Use the 1st or 2nd or last letter of each word in a sentence:
"To make dough, use two cups of flour" => Tmd,u2cof"
- Combine words in a non-obvious ways: "$mix%baseball#"
|