How to Make a Strong Password
When employees use passwords that are simple and easily guessable (i.e., “weak”), it provides an opportunity for others to gain unauthorized access to the information system. A weak password typically is alpha/numeric with a symbol and is no longer than 6 characters. A weak password could take a hacker 22 HOURS to crack; even worse, an alpha-only weak password of 6 characters could be cracked in as little as 90 minutes! In contrast, a strong password using alpha/numeric and a symbol that is up to 8 characters could take a hacker 23 YEARS to crack.
"Strong passwords" containing 8 characters are easy to create, for example:
1. Take a familiar word and format it like an email, such as “Summer@2002.com” or “jennieC@06.com”; this is easy to type, easy to remember, 15 characters long, upper and lower case, and uses 2 special characters.
2. Create "input rules" to help you remember the password. Example: For each password place a special character at the beginning, make the 2nd character a capital, and place a number 1 character from the end (the user can also pick a word that is application specific, such as Cerner) = >cErne1r this formula can be reused each time the user needs to change the password making it easier to remember; additionally, the user can easily increment the number making the password easy to remember = >cErne2r
3. Create a pass phrase, such as "I traveled to key west in 2002", and then take the first letter from each word, change one character to a special symbol and use two digits from the year = I!tkwi02 OR Ittkwi02. OR |Ttkwi02; you can also move the numbers around = 0Ittkwi2; this allows the user to continue to use the same password repeatedly by just changing the sequence.
If you have any questions, please contact your Entity’s Chief Privacy & Security Officer.