Healthy Computing at DePauw University

Password Protection

Protecting Your Passwords

In a university computing environment, there are often computer users attempting to access computers for which they have no authorization. Although most of today's computer systems have reliable security software to prevent break-ins, the weakest part of a computer system is the people who use it. The password on a user's account is like a lock and key. It proves you have the right to enter the account. If you compromise the lock and key, such as giving out your password, writing it down, putting it in a text file, or choosing something easy to remember, your account is no longer secure.

The most common way to break in to an account is to guess, or compute, the password. One technique currently being used to compute a password is to write a program that tries every word in a dictionary until login is successful.

To help avoid break-ins, keep the following in mind when choosing your password:

• Do not use anything obvious like your first name, the name of a family member, pet, or the same ID as your account/username.
• Avoid using any word that can be found in a dictionary.
•  Do not write your password down, give it to anyone, or keep it in a text file on any system.

If you wanted to use a word such as apple for your password because it's easy to remember, you can misspell it, such as appell or apull, so that it is not a word in the dictionary. It is just as easy to remember, because of the odd spelling you chose. A password could also be chosen that is 2 words put together, such as applepie or bigapple. This is easy to remember and cannot be found in a dictionary.

Give some thought to the passwords chosen and change your passwords at least once every few weeks. The number of computer break-ins will be greatly minimized. Chances are you have been using the same password for too long....

* Password Security tips adapted from San Diego State University.