”TigerStrong Passwords

Guidelines

CCIT Strong Password Guidelines

 

Tips to Develop a Strong Password

Passwords should be different for every website or computer login and should be sourced randomly. Passwords for a particular system should never be shared with different websites or systems or with other people. The tips below can help you create secure passwords that follow the Clemson password policy.

 

Memorable Passwords

Strong passwords should be sourced randomly but that does not mean they cannot be something that is easy to remember. Longer but simpler passwords are in general better than short passwords that have difficult to remember substitutions or special characters. This means that a password such as “experimental techno involvement ground” are harder for an attacker to guess than passwords such as “inT3rfEre$#”. A good way to create a long password is to take between 4 and 6 random words that are at least 4 letters long and combine them.

 

Password Managers

Password managers can greatly simplify the process to generate, store, and retrieve different, secure passwords for every website. Your passwords are protected by a master password that is the only one that you need to remember and that is the most important to keep safe. Most password managers have smartphone apps in addition to desktop addons to retrieve or automatically fill in saved passwords on websites.

While CCIT does not promote one specific tool, the ones listed below can be used:

 

Password Strategies to Avoid

Some patterns are very common in passwords and are easy to guess by criminals and hackers. To avoid weak, easy-to-guess passwords:

  • Avoid sequences or repeated characters. “12345678”, “222222”, “abcdefg”, or adjacent letters on your keyboard do not help make secure passwords.
  • Avoid using only look-alike substitutions of numbers or symbols. Criminals and other malicious users who know enough to try and crack your password will not be fooled by common look-alike replacements, such as to replace an “i” with a “1” or an “a” with “@” as in “C1em$0n” or “P@ssw0rd”. While the substitutions combined with other

 

Responsible Division

CCIT

Reviewed Date

May 26, 2020