What password should I use?

Passwords must be at least 9 characters long.

Two rules about passwords

  1. Passwords of 9 to 15 characters in length have a number of restrictions:

    • It must not contain common words or substitutes
    • It must not include your username or real name
    • It must contain characters in more than one of these groups: lower case, upper case, numbers, and punctuation. For example, these would not be valid passwords:
      • eiavmdlst
      • ADSMLEDSU
      • 223592039
      • &@#$^#$#%
  2. Passwords longer than 15 characters must follow these rules:

    • It must not include your username or real name.
    • It must contain at least two types of characters (lowercase, uppercase, numbers, punctuation).
      For example:
      OK: My cat is not happy
      OK: my cat is not happy.
      Bad: my cat is not happy

How to create a good password

Option 1: The easiest way is to use a passphrase that is more than 15 characters long. You can pick anything you want, so it should be relatively easy to find something you can remember. Here are two examples:

Note that you need to come up with your own phrase; the examples above should not be used.

Option 2: Another option is to login to our accounts page, follow the "Set/Disable Password" link on the left hand column, and pick one of the suggestions the system offers. When picking a suggestion, do not cut and paste! Type in the password twice, to ensure that you can type it in reliably.

Write it down and keep it in your wallet (not on your monitor or anywhere not private). Within a week you will have it memorized, just like you can remember your telephone number and social security number, even though they aren't "easy to remember". Remember to destroy any paper record once you have it memorized.

Option 3: Create your own password following the rules listed above regarding passwords that are 9 to 15 characters in length.

Bad Passwords

Systematic password guessing attacks are sophisticated and will routinely 'crack' these types of passwords:

Finally, passwords are confidential. DO NOT GIVE YOUR PASSWORD TO ANYONE!

 

Please feel free to also check out the Offical ISC password page.

 

© Computing and Educational Technology Services
cets@seas.upenn.edu | 215.898.4707