Password Selection
Basic password selection rules
Passwords must be at least 6, and no longer than 16, characters. Passwords may not be all uppercase or all lowercase. (Examples:
ivyleague, IVYLEAGUE, and jklasdf are not valid passwords.) Passwords may not contain your PennNet ID; username; your
first, middle, or last name; or any variation thereof. Passwords may not be derived directly from words or phrases of
any language. Embedding a number or case-shift within a word
does not make a valid password. Systematic password
guessing attacks are sophisticated and will routinely 'crack' such
passwords. (Examples: time2go, big$deal, ivyLeague, 2morrow,
money$, and Ivyleague are not valid passwords. Passwords may not be composed of all numbers. Embedding decimal
points, minus signs, or plus signs within a number does not make a
valid password.
(Example: 1-609-555-1212 is not a valid password.)
Inventing a password
Make up a sentence that's meaningful to you. Then use the first letter of
each word as a letter in your password; if you wish, add additional characters
to make it more difficult to guess.
Start with the phrase such as Orange elephants invade Alaska;
film at eleven. Take the first letter of each word as your password:
OeiAfae
(This is an acceptable password; it follows the rules but is hard for
someone to guess since it's essentially a random string of characters.)
To make the password even harder to guess, add punctuation,
numbers, and other non-alphanumeric symbols: OeiA;f@11
Users should expect that the password selection rules will get still more
strict over the course of time.
|
