|One Step Ahead
April 13, 2010, Volume 56, No. 29
Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.
Make Sure Your PennKey
Password Meets Current Rules
An important way you can protect yourself from electronic crime is by having a strong PennKey password. If you haven’t changed your PennKey password in a while (or ever) you may want to do it now. The rules for selecting a strong PennKey password have changed over the years, so your current password may not be in line with the current recommendations.
A strong password should be as long—at least 8 characters—and complex as you can remember, and not be easily guessable by someone who knows you. A good way to create a strong but memorable password is to select a phrase that means something to you, but isn’t well-known. For example, consider the phrase “Orange elephants invade Alaska; film at eleven.” Pick the first letter of each word (OeiAfae) and add some punctuation (OeiA;f@e).
This password meets the current PennKey password selection rules that require a mix of upper- and lower-case characters, not being derived from a dictionary word (in any language), and not containing a username, PennID, or name.
To change your password, go to: https://weblogin.pennkey.upenn.edu/changepassword
To receive OneStepAhead tips via email, send email to firstname.lastname@example.org with the following text in the body of the message: sub one-step-ahead <your name>.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/