Skip to the content
Link back to Cal State L.A. Home Page
Information Technology Services
Contact us: (323) 343-2600 or email

ITS News


Menu

In this issue...

Block That Virus!
Block That Spam!

Enhanced services reduce viruses and spam in your mailbox

Open Sesame

Guidelines and tips for creating and securing strong passwords

E-mail and ID Theft

Protect yourself from scams, hoaxes, phishing, and more.

Campus Media Resources

Ordinary classrooms become technologically enhanced with mobile TEC carts.

ITS Help Desk Advisor

Tips, tricks, and techie tidbits

ITS News is published by Information Technology Services

E-mail suggestions to: itsnews@calstatela.edu

Peter Quan
Vic President and CTO
Information Technology Services

Carol Melton
Editor/Writer

Dennis Kimura Newsletter Design

Image: ITS News Banner Logo

Fall 2004

California State University, Los Angeles

Open Sesame: The Case for Strong Passwords


Image: Computer with lock
It might be impossible to defend against hackers, sniffers, or pranksters when passwords can be easily discovered. Those easily “cracked” passwords are the weak link in most computer environments. One weak password can render an entire system vulnerable to unauthorized access, regardless of what other security measures are in place. In other words, anyone who has the key can open the door. The solution: have strong, hard to crack passwords!

What Makes a Strong Password?

Strong passwords are the first line of defense against unauthorized access to many campus resources. Follow the best practices below to create passwords that will be hard to crack.

A strong password. . .

  • Contains 8 or more characters
  • Depending upon system limitations, contains characters from each of the following four groups:
         Uppercase letters
         Lowercase letters
         Numerals
         Symbols (all keyboard characters not defined as letters or numerals)

    Note: Passwords made from all one case letters have a similar strength if they are 4 characters longer than passwords containing characters from the entire keyboard.]
  • Does not contain user name (user ID), real name, company name, pet name, family’s names, favorite hobbies, TV shows, or movie names
  • Does not contain a complete dictionary word Is significantly different from previous passwords
  • Does not increment with every password change (e.g., Password1, Password2, Password3 …)
  • Should be hard to crack, but easy to remember. [Example: Make up a sentence, and then use the first letter of each word or sound, adding a couple digits or symbols and uppercase letters. E.g., “Tennis anyone??” becomes the password: “10Sne1??” or “I love 8 hot fudge sundaes best.” becomes “iL8hfsB!”]
  • Does not have more than two characters repeated consecutively
  • Does not use adjacent keyboard characters as the entire password (e.g., asdfghjkl, qwertyu, 12345678) – these passwords are easy to crack.

Safeguard Your Password

No matter how strong the password, not securing it defeats its purpose. Every password needs to be protected from unauthorized users. Here are some tips to help you safeguard your passwords:

  • Change your default password immediately upon first logging into an account.
  • Do not write down your user ID and password, post them on your monitor or desk, put them under your keyboard or mouse pad, carry them in your wallet, or put them in your PDA device.
  • Don’t share your user ID and password with others.
  • Change your password immediately if you believe your account has been compromised.
  • Enter your user ID and password when you are certain no one is observing you.
  • Never use another person’s user ID and password.

By following these simple suggestions to create and secure strong passwords, you will better protect your accounts, campus resources, and confidential information. Remember, security is everybody’s responsibility!

top