Choosing a Strong Password
All UT EID holders are expected to choose strong passwords and guard them well. If someone else obtains your UT EID password, they can use your account to access your private data (including e-mail), alter or destroy your files, and perform illegal or inappropriate activities in your name. In such cases, it is difficult to find the culprit. Ultimately, you are responsible for your account and any activities performed using it.
The Importance of a Strong Password
If your computer is on the UT network or the Internet, someone else can have their computer test hundreds of password combinations against yours every second. This is called “brute-force” password cracking, and the best protection against it is a strong password.
What Makes a Password Strong?
A strong password is as long as possible. You must use at least eight characters in your password, and you can use as many as twenty characters. The longer the password, the less vulnerable it is to a brute-force attack.
- Have both upper and lower case letters.
- Have numbers and/or punctuation characters as well as letters.
- Are easy to remember, so they do not have to be written down.
- Can be typed quickly, so someone else cannot look over your shoulder and learn them.
A strong password in the UT EID system should not:
- Contain personal information such as your name, phone number, birth date or address. Even names of acquaintances, siblings, parents, or pets should not be used.
- Use any word in the dictionary, or based closely on such a word (such as a word spelled backwards).
- Use a word with letters simply replaced by numbers. For example, bl0wf1sh is not a strong password.
- Be easy to spot while you're entering it. Passwords like 12345, qwerty (that is, all keys right next to each other), or nnnnnn should be avoided.
Creating a Strong Password
It may take a few minutes to create a strong password that is easy to remember. ITS suggests that you try using phrases to create strong passwords. For example (do NOT use any of these examples as your password):
- rsKf0myH&1W2sYU - Raindrops keep falling on my head and I want to steal your umbrella.
- WrU2axy? - Who are you to ask why?
- bWtIso3! - Beware the ides of March!
Even if your passwords are strong, ITS recommends you change them approximately every six months. Also, never use your UT EID password for other online services such as shopping, your bank account, or e-mail accounts. You should have a unique password for your university accounts.