All passwords must meet the following complexity guidelines:

The password MUST:

• Contain TEN characters or more
• Contain characters from each of the following four character classes:
  • Upper -Alphabetic (A-Z)
  • Lower – Alphabetic ( a-z )
  • Numeric (i.e. 0-9)
  • Punctuation and other characters (e.g., !@#$%^&*()_+|~-=`{}[]:”;'<>?,./)

The password MUST NOT:

• Contain spaces
• Be a derivative of the username
• Be a word found in a dictionary (English or foreign)
• Be a dictionary-word spelled backwards
• Be a dictionary-word (forward or backwards) preceded and/or followed by any other single character (e.g.,secret1, 1secret, secret?, secret!)

Mnemonics help us select a strong, complex password that we won’t forget.

Your password should be (a) easy for YOU to remember, (b) hard for someone who sees it to remember, and (c) hard for anyone to guess.

We can use a mnemonic device (a memory trick that helps us recall something) to create a complex password that is also easy to remember. For example, we can create a password from the first letters of an easily-remembered phrase, poem, or song lyric. The phrase “Jack and Jill went up the hill,” results in the password ” J&Jwuth”.  Note that this password is seven characters long and contains upper case, lower case and special characters.  For mnemonic passwords to be useful, the phrase must be easy to remember.

How to Choose a Good Password:

• Choose a short, simple phrase, six to eight words, that will be easy for you to remember.
  I like to eat green peas.
• If any of the words are homonyms (sound alike but have different meanings) for other letters or symbols, write them with those symbols (e.g., are =r, you = u, two = 2).
  I like 2 eat green peas.
• Now, make an acronym. Drop all but the first letter of each word.
  Il2egp
• Capitalize arbitrarily, but with restraint, try to keep the password easy to remember.
  iL2eGp
• Add a punctuation mark or two to bring your password’s length to seven or eight characters.
  iL2eGp!
• Here are some popular character swaps to get you thinking:     A = 4 = @     B = % = 8 = 6     E = 3     G = 6     I = 1(one)  or =  !     K = or = x     O(oh) or  0(zero)     q = 9     S = $ or = 5     T = 7

Example: for those about to rock, we salute you

• Now, take the first letter from each word: f t a t r w s y
• Change the word ‘For’ to the number 4: 4 t a t r w s y
• Perhaps it’s easier for you to remember a ‘U’ instead of the ‘Y’ from the word ‘You’: 4tatrwsu
• Now capitalize one of the words, preferably one with extra importance: 4tatRwsu

Resulting password: 4tatRwsu

Adjusting passwords for other accounts

How can you adjust the password to use it for other accounts? You can add a character to the beginning or end of the password that relates in some way to the site or service you need the password for (or if length is an issue, replace one of the characters). Using the example password created above, replace the ‘W’ from the word ‘we’ with the first letter of the name of the site or service. So the phrase in my head might end up sounding like this “For Those About to Rock, Amazon Salutes You” which would translate to 4tatRAsu (I’ll capitalize the letter since the names will usually be proper names, and it should make the password even stronger). Here are a few more examples:

• CNN.com = 4tatRCsu For Those About to Rock, CNN Salutes You
• The New York Times = 4tatRNsu For Those About to Rock, New York Times Salutes You (you’ll need to decide if you want to use ‘T’ for ‘The’ or ‘N’ for ‘New’)
• Target = 4tatRTsu For Those About to Rock, Target Salutes You
• AT&T = 4tatRAsu For Those About to Rock, AT&T Salutes You
• Google = 4tatRGsu For Those About to Rock, Google Salutes You

Examples of Memorable Phrases and Passwords

Please do not use these examples for your actual password!