What makes a good password?


In fact, the various endings could have some vague association with the target systems such that each password is unique but still relatively easy for you to remember.

Some systems will even allow you to use full sentences as passwords. For these, you might try a password like "I can't wait to log out" for a system you really don't enjoy using. That password might be both memorable and cathartic as the same time.

Wrap Up

Getting your users to choose good passwords requires that you define for them what a good password is and that you set a good example. You shouldn't use predictable passwords even temporarily. If every time you set up a new account, the password is "ChangeMe" or the account name with "123" tacked on the end, you'll have a growing population of people who know the initial password for every account you set up. You'll also be suggesting, whether you mean to or not, that passwords like these are acceptable.

Once you determine what your users' passwords ought to look like, most systems will allow you to enforce password complexity in keeping with your chosen password policy. Setting good password complexity rules ensures that your users will not be able to assign themselves passwords which are easy to guess. In my next few posts, we'll look at how password complexity can be enforced on Linux, Solaris, and Active Directory.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question