Some users may find that library search tabs (Articles, Guides, and Reference) do not work. While this issue is being resolved, you may access Subject and Course Guides directly at

3 Steps to a Strong Password

3 Steps to a Strong Password

Protecting the Keys to Your Online World
By William Deutsch, Guide

The ideal password is difficult to guess, but easy to remember. Here is a simple method for creating strong, secure, but useful passwords.

Step 1. Start with a Phrase or Name
A string of 15 characters makes for a very strong password. However, long passwords are be difficult to remember. Fortunately you can use a phrase to make a strong but memorable password. Try taking a line from your favorite book or movie and turning it into a password. Are you a Charles Dickens fan? Then the immortal opening line “It was the best of times, it was the worst of times,” can be compressed into a password like this: Itwasthebestoftimes. Or try taking the name of your favorite character and compressing it like so: Sherlock_Holmes.

Step 2. Mix In Symbols
Starting with a phrase, or memorable character name is a good way to start creating your password. To make the password even more secure, however, you should mix in symbols and numbers as well as vary the cases of your letters. Using this method, Itwasthebestoftimes becomes !tw@stheBe3tofTim3s. That’s a very difficult password to guess, but it still has enough of a memory hook that you can hold it in your head. Likewise Sherlock_Holmes can be transformed into Sh3rl0ck_H0lmes.

Step 3. Guard Your Passwords
Once you have created a strong, secure password, follow these three important rules.

  • Rule 1: Don’t Write Passwords Down – Your passwords are the keys to your online world. Hopefully, you don’t leave your front door key under the mat, or inside a fake-looking rock. Neither should you leave your password on a sticky note under your keyboard.
  • Rule 2: Don’t Use Personal Information – Birthdates, anniversaries, and street numbers may be easy for your to remember, but they are also easy for someone else to guess, so don’t use them as passwords.
  • Rule 3: Change Passwords Often – Individual users should change passwords every 30 to 60 days. System Level passwords should be changed quarterly.

A strong password policy may be inconvenient, but it’s nowhere near as inconvenient as a data breach or a network crash. Using this simple method for creating passwords, and then guarding them carefully, will keep this important layer of your overall security plan intact.