{"id":101563,"date":"2016-09-23T15:16:22","date_gmt":"2016-09-23T19:16:22","guid":{"rendered":"http:\/\/www.bu.edu\/tech\/?page_id=101563"},"modified":"2023-01-09T15:24:01","modified_gmt":"2023-01-09T20:24:01","slug":"how-to-choose-a-strong-password","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/tech\/support\/information-security\/security-for-everyone\/how-to-choose-a-strong-password\/","title":{"rendered":"How To Choose a Strong Password"},"content":{"rendered":"<p><em>For more information on choosing strong passwords visit the <a href=\"https:\/\/www.bu.edu\/tech\/security\/protect\/bestpractice\/passwords\/\">BU&#8217;s IS&amp;T page<\/a><\/em><\/p>\n<h3>General Guidelines:<\/h3>\n<p><span><\/span>So, how do you create a &#8220;strong&#8221; password that is easy to remember? While it may seem tough to do this, there are a few simple tips that can make it easy<\/p>\n<ul>\n<li><b><i>Use passphrases<\/i>:<\/b><span> The most important factor in <\/span><span class=\"searchHighlight\">password<\/span><span> strength is length. Passphrases are a string of words, like a favorite song lyric or quote. These can be both long and easy to remember! Aim to create a passphrase that is 16 characters or more, as required by the BU password policy requirement. Use a mix of alphabetical and numeric, a mixture of upper and lowercase, and special characters when creating your unique passphrase.\u00a0<\/span><\/li>\n<li><b><i>Use unique <span class=\"searchHighlight\">password<\/span>s or passphrases<\/i><\/b><span>: You should have a unique <\/span><span class=\"searchHighlight\">password<\/span><span> for each of your accounts. This way, if one of your accounts is compromised, your other accounts remain secure.<\/span><\/li>\n<li><b><i>Use a <span class=\"searchHighlight\">password<\/span> manager<\/i><\/b><span>: Use a <\/span><span class=\"searchHighlight\">password<\/span><span> manager to help create and manage strong, unique passphrases for all your accounts! Some top products are: 1<\/span><span class=\"searchHighlight\">Password<\/span><span>, Apple&#8217;s iCloud Keychain, KeePass, and LastPass (alphabetical order).<\/span><\/li>\n<li><b><i>Visit the Terrier <span class=\"searchHighlight\">Cybersecurity<\/span> Checkup<\/i><\/b><span>: Our online app allows you to view how old your <\/span><span class=\"searchHighlight\">password<\/span><span> is (BU passwords expire every five years), view the devices associated with your Duo account, and view a list of breaches associated with your BU email address. This is a powerful tool to gain insight to your BU <\/span><span class=\"searchHighlight\">password<\/span><span>:<\/span><a href=\"https:\/\/cybercheckup.bu.edu\/\" contenteditable=\"false\" title=\"https:\/\/cybercheckup.bu.edu\/\">https:\/\/cybercheckup.bu.edu\/<\/a>.<\/li>\n<\/ul>\n<h3>Choose<\/h3>\n<p>Here are three simple ways to construct a secure, easy to remember passphrase:<\/p>\n<p>1. Create a passphrase by taking a short phrase and:<\/p>\n<ul>\n<li>Change the capitalization of some of the letters<\/li>\n<li>Replace some of the letters with numerical and symbolic substitutions ($ for S, 8 for B)<\/li>\n<li>Misspell or abbreviate some words (E.g., the phrase \u201cDunkin&#8217; Donuts is great for summer\u201d becomes \u201cDunkisgr84$umm3R\u201d.)<\/li>\n<\/ul>\n<p>2. Choose several shorter words and add some numbers in the center, then change the capitalization and substitute symbols for letters. (E.g., the phrase \u201cbooks 930 Pleasant\u201d becomes \u201cb00K$930PL3^S^n+\u201d.)<\/p>\n<p>3. Choose a memorable quote or phrase and use only the first letter from each word. Vary the capitalization. Also include numbers and symbols, either as substitutions for letters or as a replacement for a full word. (E.g. Albert Einstein&#8217;s quote <strong>\u201c<\/strong><em>Two things are infinite: the universe and human stupidity; and I&#8217;m not sure about the universe.&#8221;<\/em>\u00a0 becomes \u201c2TrI:tU&amp;h$;&amp;Ins@tU\u201d.)<\/p>\n<h3>Don&#8217;t choose<\/h3>\n<ul>\n<li>Passwords of fewer than sixteen characters.<\/li>\n<li>Words or phrases that do not mix upper and lower case, or do not mix letters or numbers, or do not mix letters and punctuation.<\/li>\n<li>Your name in any form &#8212; first, middle, last, maiden, spelled backwards, nickname or initials.<\/li>\n<li>Any ID number or login name in any form, even spelled backwards.<\/li>\n<li>Any all-numeral passwords, e.g., your license-plate number, social-security number.<\/li>\n<li>Your phone or office number, address, birthday, or anniversary.<\/li>\n<li>Any single common name, name of a close relative, friend, or pet.<\/li>\n<li><span data-contrast=\"auto\" xml:lang=\"EN-US\" lang=\"EN-US\" class=\"TextRun SCXW228690792 BCX0\"><span class=\"NormalTextRun SCXW228690792 BCX0\">A<\/span><span class=\"NormalTextRun SCXW228690792 BCX0\">\u00a0single English or foreign word, however two or more English or foreign words may be used to create a passphrase. <\/span><\/span><span class=\"EOP SCXW228690792 BCX0\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:720,&quot;335559737&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:259,&quot;335559991&quot;:360}\">\u00a0<\/span><\/li>\n<li>A single word either preceded or followed by a digit, a punctuation mark, up arrow, or space.<\/li>\n<\/ul>\n<p><strong>Check out this tutorial on creating a strong (and LONG) password:<\/strong><\/p>\n<p><iframe loading=\"lazy\" width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/TvrFpAFitQ0\" title=\"YouTube video player\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>&nbsp;<\/p>\n<p><span><span class=\"searchHighlight\">Password<\/span>s are our first and best line of defense against unauthorized access to our online information. If your BU <span class=\"searchHighlight\">password<\/span> is hacked, a bad actor could gain access to BU services that<\/span><span> are not yet protected by multifactor authentication. The longer your password the more secure,; use a passphrase when creating a strong and unique BU password!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>For more information on choosing strong passwords visit the BU&#8217;s IS&amp;T page General Guidelines: So, how do you create a &#8220;strong&#8221; password that is easy to remember? While it may seem tough to do this, there are a few simple tips that can make it easy Use passphrases: The most important factor in password strength&#8230;<\/p>\n","protected":false},"author":4697,"featured_media":0,"parent":101545,"menu_order":15,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/101563"}],"collection":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/users\/4697"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/comments?post=101563"}],"version-history":[{"count":12,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/101563\/revisions"}],"predecessor-version":[{"id":143283,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/101563\/revisions\/143283"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/101545"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/media?parent=101563"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}