Tips: Strong Passwords

Creating strong passwords offers great security in return for minimal effort! 

Luckily, everyone can learn how to make and manage stronger passwords. It's an easy way to strengthen security both at work and at home.

To highlight the importance of strong passwords in protecting data and to promote better password habits. Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work, and life communications. 

In a cyber world, secure passwords are important. Long, unique, and memorable passwords can best protect your valuable information and keep it offline. We also recommend changing your passwords every few months - especially in the the event you suspect one of your accounts has been compromised.

If you are currently not using a password manager, please reference the tips below when generating your long, unique, and memorable passwords.Uniqueness Matters

Many people reuse passwords across multiple accounts and attackers take advantage of this risky behavior.  If an attacker obtains one password - even a strong one! - they can often use it to access other valuable accounts.

What Makes a Password "Strong?"

The key to making your password more resistant to hackers' tools is creating long and memorable passwords. For example, an 8-character password can be guessed by an attacker in less than a day!  A 12-character password, however, could take up to 2 weeks. 

Strong passwords are essential to protecting sensitive data, as well as our devices, networks, and systems. 

How to create a strong password

• 12-character minimum — Create passwords that are a minimum of 12 to 14 characters in length.
• Include numbers, symbols, capital letters, and lower-case letters — Use a mix of different types of characters to make the passwords harder to crack.
• Non-dictionary words — Stay away from obvious dictionary words or combinations of dictionary words. A single word or short phrase, especially obvious ones, make weak, high-risk passwords and can be easily guessed. For example: "house" and "Red House" are weak passwords that will leave your accounts vulnerable to attack.
• Doesn't rely on obvious substitutions — Don't use common letter substitutions.  For example:  swapping the "o" for a "0" in "H0use" doesn't make this a strong password.  The substitution is still too obvious.
• Make it memorable — You might find it easier to remember a sentence.  For example: "The first house I ever lived in was on 613 Fake Street. The rent was $400 per month," can be turned into a password by stringing together the first character of each word to create "Tfhieliwo613FS.Trw$4pm."

Guarding Your Passwords

1. Don't write them down — Many make the mistake of writing passwords on post-it-notes and leaving them in plain sight. Even if you hide your password, someone could still find it.
2. Don't share passwords — You can't be sure someone else will keep your credentials safe. At work, you could be held responsible for anything that happens when someone is logged in as you. 
3. Don't save log-in details to your browser — Some browsers store this information in unsafe ways and another person could access your accounts if they gain access to your device.

Tips for Family and Friends

Consider sharing what you've learned about passwords and ask family and friends to share their cybersecurity knowledge and experiences.

1. Never reuse passwords — Create a unique, strong password for each of your accounts and devices, so in the event that one account gets hacked, the others remain secure. 
2. Create memorable, long passwords — Passwords based on dictionary words, pets' names, or other personal information can be easily and quickly guessed by attackers. 
3. Use a password manager — These tools securely store and manage your passwords and automatically generate options for strong new passwords.

What is the university password policy?

To learn more about our password policy, visit Villanova University Password Policy.