Passwords


One of the most common ways for hackers to gain access to personal information is by cracking passwords. With one keystroke they can attempt to hack into thousands of computers using hundreds of combinations of passwords. Out of the thousands of computers hit a handful of passwords will be cracked. This page will teach you how to chose a password that can help protect you from malicious attacks.


Making Good Passwords

Phrases:

  • Combine a letter from each word in a phrase
  • Pharases could come from: song lyrics, a favorite poem, a meaningful quote, or a totally random combination

Examples:

  • Quote: Jack and Jill own two cats named Whiskers and Tuna. Password: J&Jo2cnW&T
  • Quote: When the lights out it’s less dangerous, here we are now entertain us. Password: Wtl01ldhw4n3u

It’s good to have a few different passwords to use for different accounts.


Characteristics of a Strong Password

  • Be at least eight characters long
  • Passwords may not contain words found in a dictionary
  • Must NOT be anything easily associated with you (for instance, information someone could learn about you from Facebook) such as
    • your user id
    • your name
    • your phone number
    • your address
    • your pet’s name
    • your birthday
    • friends or family member names or birthdays
    • any other information that can be easily found about you
  • Must include three of the following four elements
    • upper case letters
    • lower case letters
    • digits
    • punctuation

Using the tips and characteristics above, try making a strong password. Once you’ve made one you’re comfortable with, memorize it, and store it securely if you need to.

Also, don’t forget to visit your GatorLink account to update your password.

Two Minute Video Explaining Strong Passwords


Gatorlink Accounts Can Now Use Pass Phrases!

Gatorlink Accounts can now use pass phrases instead of passwords! Passphrase are much longer than normal passwords, but allow you to use memorable phrases rather than short but complicated passwords. The selection of a pass phrase of at least 18 characters eliminates the password composition rules and dictionary check, although pass phrases are still subject to minimal tests to prevent use of common or trivial phrases. Also be aware that the UF system does not yet allow the space character in pass phrases.

This XKCD comic illustrates how secure pass phrases can be! For more information on pass phrases visit Diceware. The two keys to a good passphrase are in the total length, and the lack of relationship between the words. Software can very rapidly test the text from books (trying common phrases), so direct quotes are not good choices. It is also important that the words chosen come from a suitably large set – most people commonly use only about 1,000 words, so picking words to use can lead to a much less random pass phrase. The Diceware approach uses a large enough set of words to choose from that the results are extremely difficult for another person or software to guess.

The Diceware website explains the mathematical basis for the strength of passphrases, and Ars Technica published a informative series on how passwords are broken.

password_strength


Storing Your Password

Once you create a strong, hard-to-crack password, you may want to write it down. Just make sure it’s discretely hidden and protect it like a credit card, for example.


Fun Password Tip: “Passwords are like underwear”

  • Passwords are like underwear. Change yours often.
  • Passwords are like underwear. Don’t share them with friends.
  • Passwords are like underwear. The longer, the better.
  • Passwords are like underwear. Be mysterious.
  • Passwords are like underwear. Don’t leave yours lying around.

For a more technical description of passwords please review the Authentication Management Policy