You are here: Home / Data / Restricted-Use Data / Security Plans / Passwords

Choose a Good Password

A good password SHOULD

  • be at least 15 characters in length
  • be a multiple of seven characters (7, 14, or 21) (for Windows)
  • use at least one non-alphanumeric character. These are: ~!@#$%^&*()_+-={}|[]\:";'<>?,./`
  • use at least one numeric character (0-9)
  • use a mix of upper and lower case letters
  • be very different from the last password used for that account (at least four characters not used in the previous one)
  • be changed often (i.e., at least every 90 days) 

A good password SHOULD NOT

  • include any personal information about you (e.g., nicknames, initials, login name, SSN#, address, birthday)
  • include any personal information about your relatives
  • include any information about your work (e.g., office number, project name)
  • be the name of any computer (e.g., dell, unix)
  • be written down anywhere or in any file on any of your accounts
  • see www.xkcd.com/936