Password Security

Password Security

Passwords are the first line of defense against cyber criminals. Hackers have many different ways of attempting to gain access to accounts, but your ability to avoid an attack is highly dependent on the strength of your password.

The information below will help you to: 


Create Strong Passwords/Pass Phrases 

Too often, we have had to create AND remember passwords that looked something like this:

crazy password

The days of solely focusing on password complexity are over.  Experts agree using a pass phrase or a series of random dictionary words is a smarter way to approach password strength.  The following tips will help you in creating a strong, memorable password or phrase:

  1. Longer is stronger. The best passwords are at least 10 characters in length. Include some capitalization and punctuation.
  2. Use a phrase. Pass phrases are easy to remember, but difficult to guess.  If the service will allow, use spaces as special characters for added strength. This also makes the phrase easier to type.
  3. Misspell a word or two.  Make a note of what was misspelled until typing the pass phrase becomes a habit (usually within a few days).
  4. Consider using a nursery rhyme, movie quote, or song lyrics, and then put a twist on it.  Here are some examples (DO NOT USE THESE EXAMPLES, or any phrase you find directly on the internet):

    Easy to remember hard to guess

    • Nursey rhyme example:  The green cow jumped over the moon!
    • Twisted movie quote:  The films became miniscule? (twist on Sunset Boulevard quote)
    • Twisted song lyric:  Infant, We Will Race (twist on "Born to Run" lyric)

A good password is one that is easy for you to remember, but difficult to guess.

Unsure as to the strength of your password?  Password strength checkers like How Secure is my Password? will rate your password's strength based on how long it would take to crack.

back to top


Protect Your Passwords 

  1. Never share your passwords with others.
  2. Change your passwords periodically. If you have been compromised, change your passwords IMMEDIATELY.
  3. Don't enable the "remember password" function on websites. 
  4. Use a unique password for each of your important accounts. Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office: if a criminal gains access to one, all of them are compromised. It may be less convenient, but picking multiple passwords keeps you safer.

back to top


Use a Password Manager 

Having to memorize numerous, long, complex passwords can be difficult. Password managers are a great tool that can generate and store passwords for you.

If you choose to use a password manager, you'll still have to remember at least one thing: your master password. Be sure to make it extra-secure and composed of at least 12 characters to ensure that it's not vulnerable to attack.

back to top


Enable Two-Factor Authentication

Any time a service like Gmail, Facebook, or your bank offers "two-step" or "two-factor authentication," use it. Passwords are no longer enough protection, especially for sensitive information. Two-factor authentication puts an extra layer of security on your accounts by requiring something you know (e.g., password) and something you have (e.g., cell phone receiving text message with additional code verifying your account).

NetID+ Word Cloud

UA NetID+
NetID+ is the UA’s two-factor authentication resource. Go to UA NetID+ to learn more and enable it now. While you're there, also enable the Global NetID+ function. Currently, only certain websites require the use of NetID+. However, Global NetID+ increases your protection by requiring all WebAuth logins to be two-factor.

back to top


 Videos: