SLAC Computer Security
Suggestions for Selecting Good Passwords

This article on choosing good passwords is by Lionel Cons of group CN/SW at CERN. It appeared in CERN Computer Newsletter 210. Mr. Cons kindly allowed us to adapt it for SLAC users.

Introduction

A good password:

Remark: even if you use very good passwords you should still change them from time to time (at least twice a year), so that a password that was captured without your knowledge does not stay usable indefinitely.

Why you should choose good passwords

The use of a bad password may allow someone to use your account and therefore to use, modify, corrupt or destroy any of your files or any files that you are allowed to modify.

As many of the computers at SLAC are connected together, the misuse of one account on one computer may lead to problems for several accounts on several machines, including big, expensive ones.

As stated in the 'Computer Account Responsibilities' form (a set of rules agreed to by every user who requires an account on a SLAC computer), every user must take care to protect his/her account and data. If you use a bad password, you allow someone to use or misuse SLAC facilities, and you are responsible for that. Furthermore, if someone using your account causes problems, you will be held responsible, and you have no means to prove that it was not you!

How many passwords should you have?

You will probably hear conflicting advice on this topic. On the one hand, having one good password that you can remember is a convenience: it spares you the hassle of getting passwords reset when you forget them, and it keeps you from committing the security breach of writing your passwords down. On the other hand, if someone does obtain that password, they have access to all of your accounts on all systems. This is one of the primary ways that hackers jump from system to system and from site to site.

Guessing is not the only way a password is obtained, so it may not matter how hard yours is to guess. Some of the primary methods used today to collect passwords are 'sniffers': programs on a computer that has been broken into, which record either the passwords passing in cleartext over the local Ethernet or the keystrokes typed at that machine's keyboard. If you log in from another site, from a "public" machine at a conference, or from home through an Internet Service Provider, you expose your password to any sniffer on that path, however strong the password is.

A good compromise is to have one password for each security 'domain' that you deal with. A security domain can be thought of as an area that has distinct security requirements that should keep it separate from other things that you do. For instance, if you have several accounts for general use, email, etc. at SLAC, they could all use the same password. If you had another account at SLAC that had administrator or super-user privileges on a machine, then that is a separate domain and should have a different password. Accounts at SLAC should have different passwords from accounts at other places. You especially should not have the same password on an online service provider as you do on your SLAC account. Passwords for web-based services and other Internet services are generally not very secure and shouldn't be reused for your SLAC accounts.

If you're unsure about the security requirements of systems that you have access to, ask your system administrator whether there are any guidelines, or possibly even some strict requirements, about password selection and management that should apply to you.

How to choose a password that is not easily guessable

The programs that try to guess passwords (and the attackers who run them) do not try every possible password; they try a large number (on the order of 10^9) of "frequently used" candidates: dictionary words, names, common passwords, and simple transformations of these (reversed, capitalised, with a digit or two appended, and so on). So if you stay out of this search space you are reasonably safe; to do so, follow these guidelines:
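To make the "search space" concrete, here is an added example (not part of the original CERN/SLAC article) that models how a password-guessing program works: a wordlist plus a set of mangling rules applied to every word, and a checker that rejects any candidate falling inside the resulting set. The wordlist, the rule set and the minimum length and character-class thresholds are all assumptions constructed for the example; a real cracking dictionary holds millions of entries and many more rules, so treat the checker as illustrating the idea, not as a complete test.

```python
"""Model of a password cracker's search space and a checker built on it.

Added example, not code from the original page.  WORDLIST, the mangling
rules and the thresholds in check_password() are constructed assumptions.
"""
import itertools
import string

# Constructed stand-in for a cracking dictionary (real ones are far larger).
WORDLIST = [
    "password", "secret", "welcome", "letmein", "qwerty", "dragon",
    "slac", "stanford", "physics", "accelerator", "linear", "beam",
]

# A shortened, assumed set of "mangling rules": the transformations a
# guessing program applies to every dictionary word.
LEET = str.maketrans({"a": "4", "e": "3", "i": "1", "o": "0", "s": "5", "t": "7"})
SUFFIXES = [str(n) for n in range(100)] + ["!", "!!", "1!", "123", "2010"]
PREFIXES = ["", "1", "!"]


def mangle(word):
    """Return the set of guesses the modelled cracker derives from one word."""
    forms = {
        word, word.capitalize(), word.upper(), word[::-1],
        word.translate(LEET), word.capitalize().translate(LEET),
    }
    guesses = set()
    for form in forms:
        for prefix, suffix in itertools.product(PREFIXES, [""] + SUFFIXES):
            guesses.add(prefix + form + suffix)
    return guesses


def build_search_space(words=WORDLIST):
    """Every guess the modelled cracker would try, as one set."""
    space = set()
    for word in words:
        space |= mangle(word)
    return space


SEARCH_SPACE = build_search_space()


def char_classes(pw):
    """Count how many of lower/upper/digit/punctuation classes pw uses."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(any(c in cls for c in pw) for cls in classes)


def check_password(pw, username="", space=SEARCH_SPACE):
    """Return the reasons pw is weak; an empty list means it passed.

    The 8-character and three-class thresholds are assumptions for this
    example, not SLAC's published rules.
    """
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if char_classes(pw) < 3:
        problems.append("uses fewer than three character classes")
    if username and username.lower() in pw.lower():
        problems.append("contains the username")
    if pw in space:
        problems.append("is a dictionary word or a simple variation of one")
    return problems


if __name__ == "__main__":
    print(f"modelled search space: {len(SEARCH_SPACE)} guesses")
    for candidate in ("password", "P455w0rd!", "Qwerty123", "xK4#rV9qLm"):
        print(f"{candidate!r}: {check_password(candidate) or 'ok'}")
```

Note that "P455w0rd!" fails even though it mixes four character classes: it is just "password" with two standard rules applied (capitalise, leet-substitute) and a common suffix, so it sits squarely inside the cracker's candidate list. Character variety only helps when the base is not a word the attacker already has.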

First, here is what you should NOT do:

Then, here is what you should do:

Important note: please remember that each operating system imposes its own restrictions:

Note:

If you use mixed-case characters, try not to use:

Owner: SLAC Computer Security
Last Updated: 08/16/2010
Feedback: Please send to Computer Security Feedback