For more information on choosing strong passwords, visit BU’s IS&T page.
So, how do you create a “strong” password that is easy to remember? While this may seem tough, a few simple tips make it easy:
- Use passphrases: The most important factor in password strength is length. A passphrase is a string of words, like a favorite song lyric or quote. These can be both long and easy to remember! Aim to create a passphrase that is 16 characters or more, as required by the BU password policy. Use a mix of letters and numbers, upper and lowercase, and special characters when creating your unique passphrase.
- Use unique passwords or passphrases: You should have a unique password for each of your accounts. This way, if one of your accounts is compromised, your other accounts remain secure.
- Use a password manager: Use a password manager to help create and manage strong, unique passphrases for all your accounts! Some top products are: 1Password, Apple’s iCloud Keychain, KeePass, and LastPass (alphabetical order).
- Visit the Terrier Cybersecurity Checkup: Our online app allows you to view how old your password is (BU passwords expire every five years), view the devices associated with your Duo account, and view a list of breaches associated with your BU email address. This is a powerful tool to gain insight into your BU password: https://cybercheckup.bu.edu/.
Here are three simple ways to construct a secure, easy-to-remember passphrase:
1. Create a passphrase by taking a short phrase and:
- Change the capitalization of some of the letters
- Replace some of the letters with numerical and symbolic substitutions ($ for S, 8 for B)
- Misspell or abbreviate some words (E.g., the phrase “Dunkin’ Donuts is great for summer” becomes “Dunkisgr84$umm3R”.)
2. Choose several shorter words and add some numbers in the center, then change the capitalization and substitute symbols for letters. (E.g., the phrase “books 930 Pleasant” becomes “b00K$930PL3^S^n+”.)
3. Choose a memorable quote or phrase and use only the first letter from each word. Vary the capitalization. Also include numbers and symbols, either as substitutions for letters or as a replacement for a full word. (E.g. Albert Einstein’s quote “Two things are infinite: the universe and human stupidity; and I’m not sure about the universe.” becomes “2TrI:tU&h$;&Ins@tU”.)
Avoid the following:
- Passwords of fewer than sixteen characters.
- Words or phrases that do not mix upper and lower case, or do not mix letters and numbers, or do not mix letters and punctuation.
- Your name in any form — first, middle, last, maiden, spelled backwards, nickname or initials.
- Any ID number or login name in any form, even spelled backwards.
- Any all-numeral passwords, e.g., your license-plate number, social-security number.
- Your phone or office number, address, birthday, or anniversary.
- Any single common name, name of a close relative, friend, or pet.
- A single English or foreign word; however, two or more English or foreign words may be used to create a passphrase.
- A single word either preceded or followed by a digit, a punctuation mark, up arrow, or space.
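The rules in the list above can be checked mechanically before a password is accepted. The Python sketch below is an added example, not part of BU's page or tooling; the function name `check_passphrase`, its `personal_terms` and `wordlist` parameters, and the rule labels it returns are assumptions made for illustration.

```python
import string

MIN_LENGTH = 16  # minimum length stated on this page
# Characters the page lists before/after a single word (digit, punctuation, ^, space).
PAD = string.digits + string.punctuation + " "


def check_passphrase(candidate, personal_terms=(), wordlist=()):
    """Return the rules from the list above that `candidate` breaks.

    personal_terms: names, login names, ID or phone numbers, dates (assumed
    to be supplied by the caller). wordlist: dictionary words (also assumed).
    """
    problems = []
    has_lower = any(c.islower() for c in candidate)
    has_upper = any(c.isupper() for c in candidate)
    has_letter = any(c.isalpha() for c in candidate)
    has_digit = any(c.isdigit() for c in candidate)
    has_punct = any(c in string.punctuation for c in candidate)

    if len(candidate) < MIN_LENGTH:
        problems.append("fewer than sixteen characters")
    if candidate.isdigit():
        problems.append("all numerals")
    if not (has_lower and has_upper):
        problems.append("does not mix upper and lower case")
    if not (has_letter and has_digit):
        problems.append("does not mix letters and numbers")
    if not (has_letter and has_punct):
        problems.append("does not mix letters and punctuation")

    # Personal details in any form, including spelled backwards.
    lowered = candidate.lower()
    for term in personal_terms:
        t = term.lower()
        if t and (t in lowered or t[::-1] in lowered):
            problems.append(f"contains personal detail: {term}")

    # A single word, alone or with one listed character before or after it.
    variants = {lowered}
    if lowered and lowered[0] in PAD:
        variants.add(lowered[1:])
    if lowered and lowered[-1] in PAD:
        variants.add(lowered[:-1])
    if variants & {w.lower() for w in wordlist}:
        problems.append("single dictionary word")
    return problems
```

An empty list means the candidate breaks none of the listed rules; the single-word check is only as good as the word list passed in.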
Passwords are our first and best line of defense against unauthorized access to our online information. If your BU password is hacked, a bad actor could gain access to BU services that are not yet protected by multifactor authentication. The longer your password, the more secure it is; use a passphrase when creating a strong and unique BU password!