The University of Tennessee
A-Z Index  /  WebMail  /  Dept. Directory
 

IT Security Awareness Training

Topic 2: Good Password Sense

Password movie still

To watch the video, click on the icon below that matches your media player. If you don't have a player, go to our download page. If you need a video with text captions, please visit our text-captioned page.

flash player icon
quicktime player icon
real player icon
windows media player icon
A good password is a strong, secure password. Passwords are constructed from at least three of the following characteristics and will be at least 8 characters long:
   Numeric character (1, 2, 3, 4, 5, 6, 7, 8, 9, 0)
   Special character (/, [, -, =, +, !, #, $, etc.),
   Lowercase character (a, b, c, d, e, f, g, etc.)
   Uppercase character (A, B, C, D, E, F, G, etc.).
A good password is more than strong construction. A good password is a secure password; one that is not shared with anyone. When users share their passwords with others, they put all the information that is protected by that password at great risk. Sharing passwords can cause unwanted break-ins from unknown individuals and, sometimes, by known individuals. For example, an ex-boyfriend who decides to use your password to your e-mail account, pretending to be you and breaks up with your current boyfriend!

A secure password is one that is not posted, written down, or shared. Experienced hackers know to look for exposed passwords that are taped on monitors, hidden under keyboards, or even in a desk drawer.

The following methods are very useful when creating a new password:
   Choose a password that is easy to remember. Mnemonics provide the ability to associate meaningful data with a password. For example, "one fish two fish red fish blue fish" becomes ()F2f|Fbf. Books and movies provide great passwords, as do phrases such as "I-40 was slow as molasses this morning" which becomes I4()W$aMtM.
   Try to avoid converting letters to numbers, like changing "e" to 3 or "o" to 0. Instead use special characters that resemble the letter, such as changing "o" to (), and "r" to |2. The password should not contain your username, or any part of your full name.
   Do not base the password on personal information (spouse's name, favorite sports team, etc).

If you need to change your UTK NetID password, visit our Password Change Reference page.

Interested in Exploring More?

Here are some links with more information for you to consider:

Security Focus Password Refresher
Tips From Microsoft On Selecting Secure Passwords
Red Hat Password Security


IT Security Awareness Training Topics
Virus Protection
Passwords
Storing Sensitive Data
Spyware
Email Hoaxes

Virus Protection

Passwords

Storing Sensitive Data

Spyware

Email Hoaxes


Desktop Security
Phishing
Firewalls
File Sharing
 

Desktop Security

Phishing

Firewalls

File Sharing and Copyright

 



If you need any assistance, email aware@itc.utk.edu for help.

Click here to go back to the main Security Awareness Training page.