Best Practice: Passwords

David P. Jones III -

Passwords are used to protect our personal information on nearly all computers, but unless they are used properly the protection they provide may be weak.

You should change your password on a regular basis.

Follow these guidelines to create good passwords and keep them safe: 

  1. Never write passwords down.

  2. Never send a password through email.

  3. Never include a password in a non-encrypted stored document.

  4. Never tell anyone your password.

  5. Never reveal your password over the telephone.

  6. Never hint at the format of your password.

  7. Never reveal or hint at your password on a form on the internet.

  8. Never use the "Remember Password" feature of application programs such as Internet Explorer, your email program, or any other program.

  9. Never use your corporate or network password on an account over the internet which does not have a secure login where the web browser address starts with https:// rather than http://

  10. Report any suspicion of your password being compromised to IT.

  11. If anyone asks for your password, refer them to IT.

  12. Don't use common acronyms as part of your password.

  13. Don't use common words or reverse spelling of words in part of your password.

  14. Don't use names of people or places as part of your password.

  15. Don't use part of your login name in your password.

  16. Don't use parts of numbers easily remembered such as phone numbers, social security numbers, or street addresses.

  17. Be careful about letting someone see you type your password.

You should not give your password to anyone. If IT support staff need to access your account to check problems, they should set a new, temporary, password. Change this password to a more secure one immediately afterwards.

Have more questions? Submit a request


Powered by Zendesk