Creating a Secure Password

In this article:

Xavier's password requirements

Xavier passwords must meet the following requirements:

  • Must contain a total of 12 or more alphanumeric characters. (ie., letters and numbers)
  • Must contain at least one numeric character and one uppercase letter.
  • May contain spaces or special characters. Allowed special characters are: ! % * + - / : ?_ ' ;
  • The password must not be one that you've already used recently. Your last 12 passwords are remembered by the system.
  • Password must not contain easily-guessed patterns and words:
    • Seasons
    • Years
    • Your First/middle/last name
    • Variations on "Xavier" or "Musketeer"
    • Your Banner ID

How to easily build a strong password

It's a misconception that passwords must be so complex that even the owner can barely decipher it. Ironically, such passwords actually tend to be less safe. Human beings rely on patterns to remember overly complex things. An AI-based password cracker can deduce this patterns in hours, if not minutes.

A simple-yet-long password ("I have visited the 7 hills of Rome!") is more secure than a short-but-complex-looking ("C0mpl3X!") password.

The strongest passwords come from using a 12 or more character phrase (even a sentence) that you can easily remember. Add in spaces, at least one capital letter, and a few numbers or symbols. You can even use a random phrase generator to help you pick a unique phrase.

Length is the key!

Things not to include in a password

In addition to the items Xavier disallows, there are other easily guessed items that you should avoid including in any of your passwords. Some examples:

  • names of spouses or children
  • names of pets
  • favorite sports teams

If it exists in your public social media profiles, do not include it in your passwords!

Additional strategies

Different Passwords for Different Accounts

Always use a different password for each account. Never re-use a password. If the password is cracked, you will be exposed on multiple fronts.

Use a Password Manager

A password manager is a convenient way to generate and securely store unique passwords for all of the sites and systems that you use. Examples of password managers include: LastPass, KeePass, Dashlane, 1Password, and others. These tools rely upon a master password to open and decrypt their password databases. If you choose to use a password manager tool, be sure to set an extremely secure master password, using techniques outlined above.

Use Multi-Factor Authentication (if available)

Multi-Factor Authentication combines something you have (i.e. a smartphone), with something you know (your password) for an added layer of protection. Xavier currently uses Microsoft Authenticator for employee multi-factor authentication. It can also be used for MFA offers by other sites and services.

Check here for a full list of available Internet sites and services which allow multi-factor authentication.

50% helpful - 4 reviews

Details

Article ID: 80
Created
Tue 6/2/15 3:43 PM
Modified
Wed 6/30/21 4:17 PM