Choosing and Protecting Passwords

Choosing a strong password is often the key to keeping your account safe from hackers who use several types of programs to help guess or crack passwords. We want to help you understand the process of creating and maintaining a secure account.

Here are some helpful hints for keeping your passwords safe and secure:

1. Avoid using personal information

Passwords based on personal information are easier to remember, but should never be used. Your birthday, address, or phone number is often publicly available, which makes it easier for a hacker to guess your password and gain access to your account. Additionally, avoid using common phrases, famous quotations, and song lyrics.

2. Make passwords longer

Passwords like "HEEL4ZA7oZsl0wMhb7I4Q15FVoDu" would be a strong password because it has 28 characters and includes a mixture of upper and lowercase letters, numbers, and special characters. Each application has a different password length limit and set of rules, so be aware of what is accepted.

3. Develop Memory Techniques (mnemonics)

Intentionally misspelling a word ("jrive" vs. "drive") offers some protection against dictionary attacks, but an even better method to protect your password is to rely on a series of words and use memory techniques (mnemonics). For example, instead of the password "bank," use "IbL" for "[I] [b]ank [L]ocal." Using both lowercase and capital letters adds another layer of obscurity. Changing the same example above to "Ib!L." creates a password very different from any word found in the dictionary.

4. Use different passwords for each system

Never reuse a password! Reusing a password endangers your accounts just as much as using a weak password. If attackers guess your password, they have access to all your other accounts with the same password.

5. Consider using a password manager program

After choosing a password, do not leave it somewhere people can find it. Writing it down and leaving it on your desk, next to your computer, or taped to your computer, makes it easily accessible for someone with physical access to your office. Never tell anyone your passwords, including phone calls or email messages requesting that you reveal your passwords.

6. Don’t forget security basics
  • Keep your operating system, browser, and other software up to date.
  • Use and maintain antivirus software and a firewall. 
  • Regularly scan your computer for spyware. (Some antivirus programs incorporate spyware detection.)
  • Use caution with email attachments and untrusted links.
  • Watch for suspicious activity on your accounts.