Choosing Passwords:
Passwords must contain at least seven non-blank characters.
Passwords must contain a combination of letters (preferably a mixture of upper and lowercase letters, but not required), and at least one number and/or a special character. Examples of special characters include #$_
Passwords may not contain the username.
Passwords should not include well known names or identification numbers.
Birthdays or Social Security numbers must not be used.
Passwords may not include common words from an English dictionary or foreign-language dictionary.
Passwords may not contain commonly used proper names, including the name of any fictional character or place.
When a password is reset, it must not duplicate the previous password.
Passwords are case sensitive, so "password" is not the same as "PASSWORD".
Password Protection Guidelines:
Do not share passwords except in emergency circumstances or when there is an overriding operational necessity.
Change your password immediately after sharing.
Do not leave passwords in a location accessible to others or secured in a location for which protection is less than that required for information that the password protects.
Do not send your password or any other sensitive information via email.
If you suspect your password has been stolen or compromised, change it immediately!
Do not write your password down and post it in a unsecured area such as your computer.s monitor.
Why is password security so important?
Passwords are the virtual keys to the FSU networking system. Passwords give you access not only to all the files and information on your computer (data files, email, network drives, etc.), but also to student and financial information.
Passwords have become so common, so much a part of our daily lives, we treat them with casual indifference. As a result, we too often forego security for convenience. We come up with weak passwords that are easy to guess. We store passwords unprotected on our desktops. We write them down and tape them to our computer screens. If you password is stolen, you will not be the only one affected. Identity theft has become an epidemic and we all need to take measures to protect ourselves and our students.
How are passwords stolen?
Other than the obvious (a written down password or a password that has been entrusted to someone you know), hackers use cracking programs that can launch dictionaries to try and match your passwords in mere seconds.
Weak passwords will be quickly guessed while strong passwords may never be guessed:
Passwords |
Time to Hack |
| 4 character lower or upper case letters | a few seconds |
| 4 character lower and upper case letters | a few seconds |
| 4 character lower and upper case and number | a few seconds |
| 5 character lower or upper case letters (e.g passb) | under 60 seconds |
| 5 character lower & upper case letters (e.g passB) | approx 6 minutes |
| 5 character lower & upper case and number (e.g Pasb1) | approx 15 minutes |
| 8 character lower or upper case | approx 58 hours |
| 8 character lower & upper case | approx 21 months |
| 8 character lower & upper case and number | approx 7 years |
| 10 character lower or upper case | approx 5 years |
| 10 character lower & upper case | approx 4648 years |
| 10 character lower & upper case and number | approx 26984 years |
What are the guidelines for strong passwords?
Use at least seven characters; the more characters, the better (as long as you can remember them).
Make your password easy for you to remember but hard for someone else to guess.
Intersperse punctuation marks or symbols such as #, $, %, etc. Do not use a blank space.
Always use a mixture of upper- and lower-case characters.
Never write down your password; someone else might see it.
Select a unique password. Do not use a password that you are using for some other purpose, such as your PIN at the bank or your password to another system.
