Password guidelines

You should have a unique password. Passwords should not be shared. Protect passwords as you would any other company asset. When creating passwords, make sure they are difficult to guess, but not so difficult that you have to write them down to remember them.

Using obscure passwords keeps your user ID secure. Passwords based on personal information, such as your name or birthday, are poor passwords. Even common words can be easily guessed.

Good passwords have at least six characters and include nonalphabetic characters. Strange word combinations and words purposely misspelled are also good choices.

Note: If your password is so hard to remember that you have to write it down, it is not a good password.

Use the following guidelines when selecting a password:

  • Do not use your user ID as a password. Do not use it reversed, doubled, or otherwise modified.
  • Do not reuse passwords. The system might be set up to deny the reuse of passwords.
  • Do not use any person's name as your password.
  • Do not use words that can be found in the online spelling-check dictionary as your password.
  • Do not use passwords shorter than six characters.
  • Do not use obscene words; they are some of the first ones checked when guessing passwords.
  • Do use passwords that are easy to remember, so you won't have to write them down.
  • Do use passwords that use both letters and numbers and that have both lowercase and uppercase letters.
  • Do use two words, separated by a number, as a password.
  • Do use pronounceable passwords. They are easier to remember.
  • Do not write passwords down. However, if you must write them down, place them in a physically secure place, such as a locked cabinet.