Last updated 12/7/99

Capital Region Information Service of New York

Choosing a good password

It is imperative to have a password that cannot be easily guessed by others. It has been found that over 20% of users have passwords that can be easily guessed (or "cracked''). The following would be considered good passwords:

  1. Passwords having at least six characters
  2. Passwords having both upper and lower case letters
  3. Passwords having numbers and punctuation
  4. Passwords consisting of "nonsense'' words
  5. Passwords containing a spelling mistake

Passwords satisfying any of the following criteria can be easily guessed by password cracking programs, and are therefore very insecure.

  1. Passwords based on user's account name
  2. Passwords based on user's initial or given name
  3. Passwords based on spouse's / child's name
  4. Passwords that exactly match a word in the dictionary
  5. Passwords that match a word in the dictionary with one or more letters capitalized
  6. Passwords that match a reversed word in the dictionary
  7. Passwords that are less than six letters long
  8. Passwords based on license plate numbers
  9. Purely numeric passwords, like those based on telephone numbers, Social Security numbers, house address, birthdays etc.
  10. Passwords based on common keyboard sequences like "qwerty'',''aaaaa'',''11111'' etc.

CRISNY Homepage