Last Updated: Friday, January 18, 2019
The purpose of this guideline is to inform Hendrix College
Account holders on best practices and recommendations for creating and
maintaining strong passwords.
Make your password easy to remember, but hard to guess
Complex passwords with special characters, upper- and lower-case letters, and numbers are difficult to remember and do not always provide more security. Using a longer passphrase instead is often a better idea. This can be a quote you remember, a song lyric, or even a bunch of random words.
Image: https://imgs.xkcd.com/comics/password_strength.png (Licensed under Creative Commons 2.5)
Password Length: Longer is Better
The minimum required length of passwords on the network is 12
characters, but we recommend 14 or more for the strongest password. Short
passwords are much more easily guessed by computers.
Don’t Reuse Passwords
If you reuse a password with many different accounts around
the internet and one of them gets compromised, hackers can easily gain access
to all the accounts you use with the same password. For that reason, it is
never a good idea to reuse passwords, but especially for sensitive accounts
like your Hendrix Account. If you want to see if your information has been included in any of the many leaks in the past several years, you can check this website: https://haveibeenpwned.com/
Don't use your dog's name or "Hendrix" in your password
A very common method hackers use to find your password is social engineering and data mining. If you've posted your dog's name, where you work, your first street name, or your favorite color on Facebook and then use that in your password, you've greatly increased the risk that a hacker can guess your password or use your "forgot your password" questions to gain access to your account!
Don’t use the same password for too long
The College network requires users to change their password
every 6 months to reduce the risk that your account has been compromised. For
your personal accounts, always change the passwords of more sensitive accounts
(such as your bank accounts) more frequently.
Don’t put your password under your keyboard
It’s also not a good idea to put your passwords on a note in
your wallet. We recommend that you use a good password manager if you need to
store your passwords. A good password manager will have high ratings from
reviewers you trust and should also allow you to use Multi-Factor Authentication.
A password that is reasonably difficult to guess in a short
period of time either through human guessing or the use of specialized

Multi-Factor Authentication (MFA) is a security system that requires more than one
method of authentication from independent categories of credentials to verify
the user’s identity for a login or other transaction.