“Lkout” Initiative
Choosing a Strong Password

Important Note
The information published hereafter is just a collection of selected IT industry best practices and tips that might assist you in improving the security levels against computer related threats while exercising your computing activities. The information published hereafter is not meant in any way to provide a comprehensive solution nor to ensure full protection against computer related threats.

Choosing Good Passwords
> Weak passwords are one of the most common reasons for identity theft and access to your or your organization's information.
> When choosing a password, make it as difficult as possible for someone to guess but as easy as possible for you to remember.

The DON’Ts in password construction
> DO NOT construct a password based on your login name in any form.
> DO NOT construct a password based on biographical information about yourself or your family members such as:
    - Names of family members
    - Birthdates or important events
    - IDs (social security number or driving license number)
> DO NOT construct passwords based on your telephone number, the brand of your automobile, the name of the street you live on, etc.
> DO NOT construct passwords based on your favorite pet’s name.
> DO NOT construct passwords based on your friends’ names, or favorite star, etc.
> DO NOT construct passwords with words that can be found in a standard dictionary (English or foreign) or are publicly known slang or jargon.
> DO NOT construct passwords that are based on publicly known fictional characters from books, films, and so on.
> DO NOT construct passwords based on the company’s name or geographic location.
> DO NOT construct a password using a word identified in the previous bullet points that is reversed, rearranged, doubled, or even mirrored.
> DO NOT construct a password using a word identified in the previous bullet points even if you substitute certain numerals for the characters they look like (0 instead of an “o” and 1 instead of an “l” or “I”). Example: “pa$$w0rd”.
> DO NOT construct a password using popular patterns like “xyz” or “qwerty”.

The DOs in password construction
> DO construct passwords that contain at least 6 characters.
> DO construct passwords that start with a letter.
> DO construct passwords that contain at least one uppercase letter (e.g. N) and 3 lowercase letters (e.g. t).
> DO construct passwords that contain at least one numerical character (e.g. 5).
> DO construct passwords that contain at least one special character such as “!” if the application server permits.
> DO select a new password that contains at least 4 characters that are different than those found in the old password you are replacing.
> DO construct a password that is easy to remember.
> DO construct a password that you can type quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by watching over your shoulder.
> DO construct a password that is hard to guess even by someone who knows you well.

Putting Theory to Practice

Example one: Pick a sentence that reminds you of the password.
> What time is my accounting class in Nicely 204? = WtimaciN2o4
> If my car makes it through 2 semesters, I'll be lucky = imCmit2s,Ibl

Example two: Be creative with your passwords
> I miss you = nohss!w!
> I feel great = If33lg8!
> Wildcats are #1 = W!ldcatzR#1

Example three: Using Lebanese Language in your passwords
> Shee_te32eeed!
> 3aseer3nab

Example four: Use every day words. Add characters. Misspell one or both words.
> Friendship = Fr13nd+ch1p
> Lifelong = Layfl000ng
> Teddybear = T3deBaRe

Example five: Alter numbers
> 1014 = tenfourteen
> 1014 = tenf.our
> 1014 = oneOone4
> 1014 = wnOwn4
> 1014 = Tn.4.Tn
> 1014 = tnfrtn24 (10+14 = 24)

Good reference: http://www.wikihow.com/Remember-Your-Password

Acknowledgements
> Computing and Networking Services team.
> Work-Study students: Marwa Abdul Baki, Donna Bazzi
> www.CartoonStock.com
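
The DON’Ts and DOs listed above, written as a checker that reports which rules a candidate password breaks. This is an added example, not part of the original presentation; the word list, the login name `mhaddad`, the `$` to `s` substitution and the reading of the "4 different characters" rule are assumptions.

```python
import re

# Constructed sample word list; a real check would load a full dictionary.
WORDS = {"password", "welcome", "dragon", "beirut"}
PATTERNS = ("xyz", "qwerty")  # popular patterns named on the page
# Look-alike substitutions: 0->o and 1->l/i are on the page; $->s is an
# assumption inferred from its "pa$$w0rd" example.
LEET = (str.maketrans("0$1", "osl"), str.maketrans("0$1", "osi"))


def base_word_hit(password, login, words=WORDS):
    """Return the banned word (or login) the password is built on, else None."""
    banned = sorted(w for w in set(words) | {login.lower()} if len(w) >= 3)
    for table in LEET:
        # Undo substitutions, then drop everything that is not a letter.
        letters = re.sub(r"[^a-z]", "", password.lower().translate(table))
        for word in banned:
            if (word in letters                      # as-is, doubled, mirrored
                    or word in letters[::-1]         # reversed
                    or sorted(word) == sorted(letters)):  # rearranged
                return word
    return None


def check_password(new, login, old="", allow_special=True):
    """Return the list of the page's rules that `new` breaks (empty = OK)."""
    problems = []
    if len(new) < 6:
        problems.append("shorter than 6 characters")
    if not new[:1].isalpha():
        problems.append("does not start with a letter")
    if not any(c.isupper() for c in new) or sum(c.islower() for c in new) < 3:
        problems.append("needs 1 uppercase and 3 lowercase letters")
    if not any(c.isdigit() for c in new):
        problems.append("no numerical character")
    if allow_special and all(c.isalnum() for c in new):
        problems.append("no special character")
    # Assumed reading of the "4 different characters" rule: distinct
    # characters of the new password that do not occur in the old one.
    if old and len(set(new) - set(old)) < 4:
        problems.append("fewer than 4 characters differ from the old password")
    problems += [f"contains pattern {p!r}" for p in PATTERNS if p in new.lower()]
    hit = base_word_hit(new, login)
    if hit:
        problems.append(f"built on {hit!r}")
    return problems


if __name__ == "__main__":
    for pw in ("imCmit2s,Ibl", "pa$$w0rd", "Daddahm#7x"):  # login is constructed
        print(pw, check_password(pw, login="mhaddad"))
```

Set `allow_special=False` for applications that do not permit special characters, matching the "if the application server permits" condition in the DOs.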