Password Security

Passwords are the first line of defense against cyber criminals.

Raw code with the word password under a magnifying glass

Create Strong Passwords/Pass Phrases 

Too often, we have had to create AND remember passwords that looked something like this:


The days of solely focusing on password complexity are over.  Experts agree using a pass phrase or a series of random dictionary words is a smarter way to approach password strength.  The following tips will help you in creating a strong, memorable password or phrase:

  1. Longer is stronger. The best passwords are at least 10 characters in length. Include some capitalization and punctuation.
  2. Use a phrase. Pass phrases are easy to remember, but difficult to guess.  If the service will allow, use spaces as special characters for added strength. This also makes the phrase easier to type.
  3. Misspell a word or two.  Make a note of what was misspelled until typing the pass phrase becomes a habit (usually within a few days).
  4. Consider using a nursery rhyme, movie quote, or song lyrics, and then put a twist on it.  Here are some examples (DO NOT USE THESE EXAMPLES, or any phrase you find directly on the internet):
  • Nursery rhyme example:  The green cow jumped over the moon!
  • Twisted movie quote:  The films became miniscule? (twist on Sunset Boulevard quote)
  • Twisted song lyric:  Infant, We Will Race (twist on "Born to Run" lyric)

A good password is one that is easy for you to remember, but difficult to guess.

Unsure as to the strength of your password?  Password strength checkers like How Secure is my Password? will rate your password's strength based on how long it would take to crack.

Protect Your Passwords 

  1. Never share your passwords with others.
  2. Change your passwords periodically. If you have been compromised, change your passwords IMMEDIATELY.
  3. Don't enable the "remember password" function on websites. 
  4. Use a unique password for each of your important accounts. Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office: if a criminal gains access to one, all of them are compromised. It may be less convenient, but picking multiple passwords keeps you safer.

Use a Password Manager 

Having to memorize numerous, long, complex passwords can be difficult. Password managers are a great tool that can generate and store passwords for you.

If you choose to use a password manager, you'll still have to remember at least one thing: your master password. Be sure to make it extra-secure and composed of at least 12 characters to ensure that it's not vulnerable to attack.

Enable Two-Factor Authentication

Any time a service like Gmail, Facebook, or your bank offers "two-step" or "two-factor authentication," use it. Passwords are no longer enough protection, especially for sensitive information. Two-factor authentication puts an extra layer of security on your accounts by requiring something you know (e.g., password) and something you have (e.g., cell phone receiving text message with additional code verifying your account).


NetID+ is the UA’s two-factor authentication resource. Go to UA NetID+ to learn more and enable it now.