Passphrases vs. Short Passwords

The days of hard to remember complex passwords are gone. Any shorter password can be cracked with today’s super-fast computers. The key to passwords is to make them long; the more characters you have the better. These are called passphrases: a type of strong password that uses a short sentence or a set of random words. Here are two examples:

 

Time for pizza at the beach towel!

Left-my-lettuce-and-cat-farm-home$

 

Make it easy for you to remember. Think of things that you might see on a street or at home that are random objects, actions, or descriptions. Some guidelines:

 

  • 12 characters, minimum: Choose a password that’s long. There’s no minimum. The longer the better. 5 random words generally make a good passphrase.

  • Words that are unrelated: “Horse-key-paper-birthday-large5!” for example.

  • Include some numbers, symbols, capital letters, and lower-case letters: Add a couple different types of characters to make the password harder to crack

  • Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0, which is obvious for hackers.

 

Do not write down or give out your password

Avoid writing down your password, especially on a post-it that is adhered to your desk or computer screen.

 

Do not reuse or share your work credentials

Although it may be convenient to use your Google-based Maricopa email as a login/ username for a personal site or reuse a work password, there are a number of reasons why that could create significant risk to Maricopa. 

Let’s say you use the same password for work and on Facebook. If Facebook gets hacked and user account credentials are stolen, a hacker could easily take your reused password and gain access to Maricopa systems.  

If you have trouble remembering passwords, look into using a password manager.