Creating a Strong and Unique Password

Have you found it hard to create a good, strong password that you can remember? Creating a complex and easily remembered password can be a challenge, but these tips can help you. Check out the dos and don’ts below.

Dos

  • Use at least 12 characters with at least one capital and one number, which mirrors Williams current password policy.
  • Create an easy-to-remember passphrase by choosing a phrase and adding numbers and symbols. Length is more important than complexity. For example:
    • In2016weateaCheesepizza  is a good password / passphrase and easier to remember than something like JwFuB/>6c7sk
  • You can check the relative strength of a password on our password checker site:  https://pchanger.williams.edu/pchecker/
  • Consider using a password manager such as LastPass or KeePass.  More information about password managers:  https://oit.williams.edu/files/2016/09/PasswordManagers-pdf-1.pdf
  • Mobile devices like iPhones, iPads NEED to have a passcode, password, fingerprint or swipe lock!
  • Use 2-factor authentication.  This will protect you if your password is guessed or hacked as it requires both a password AND some other form of authorization (in the form of a text or message on your smartphone or office phone) to log in from a new location.  More information on 2-factor authentication:  http://oit.williams.edu/help-docs/2-factor-authentication/
  • Be sure you’re on the correct website before entering your password or passphrase (log in to sites using a bookmark or manually type in the address to your web browser).

Don’ts

You won’t do these things we’re asking you not to do, will you?

  • Don’t include your username or account number in your password or passphrase
  • Don’t use the same password for multiple services!  A strong password doesn’t do any good if the service you are using it with gets hacked.  If you used the same password on Yahoo! that you did for your Williams account you now need to change both passwords!  See why:
  • Don’t use a single word, in any language
  • Don’t use consecutive repeating characters or a number sequence
  • Don’t use your pet’s name, your birthdate, address, phone number, or any other type of information someone can easily obtain
    • For example if it easily known you have two children named Peter and Jennifer then the password PeterJennifer1 , while meeting our college password requirements would be a poor choice.
  • Don’t share your password or passphrase