Guidelines for Choosing a Password
taken from the manual page of passwd
by Cristian Gafton <gafton@redhat.com>
Remember the following two principles:
Protect your password.
Don't write down your password - memorize it. In
particular, don't write it down and leave it anywhere,
and don't place it in an unencrypted file!
Use unrelated passwords for systems controlled by
different organizations. Don't give or share your
password, in particular to someone claiming to be
from computer support or a vendor. Don't let anyone
watch you enter your password. Don't enter
your password to a computer you don't trust or if
things Use the password for a limited time and
change it periodically.
Choose a hard-to-guess password.
passwd will try to prevent you from choosing a
really bad password, but it isn't foolproof; create
your password wisely. Don't use something you'd
find in a dictionary (in any language or jargon).
Don't use a name (including that of a spouse, parent,
child, pet, fantasy character, famous person,
and location) or any variation of your personal or
account name. Don't use accessible information
about you (such as your phone number, license
plate, or social security number) or your environment.
Don't use a birthday or a simple pattern
(such as backwards, followed by a digit, or preceded
by a digit). Instead, use a mixture of upper
and lower case letters, as well as digits or punctuation.
When choosing a new password, make sure
it's unrelated to any previous password. Use long
passwords (say 8 characters long). You might use a
word pair with punctuation inserted, a passphrase
(an understandable sequence of words), or the first
letter of each word in a passphrase.
These principles are partially enforced by the system, but
only partly so. Vigilance on your part will make the system
much more secure.
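
The checks listed under "Choose a hard-to-guess password", written out as an
added example (not code from passwd or its manual page). The word list, the
function names and the sample passwords are constructed for illustration, and
stripping punctuation as well as digits from either end goes slightly beyond
the "followed by a digit" pattern named above.

```python
import re

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "sunshine", "welcome", "monkey"}

def _core(s):
    """Lower-case s and strip leading/trailing non-letters (digits, punctuation)."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", s.lower())

def check_password(candidate, account, personal=(), previous=(), words=SAMPLE_WORDS):
    """Return the list of guidelines the candidate violates (empty if none)."""
    problems = []
    if len(candidate) < 8:
        problems.append("shorter than 8 characters")
    # Mixture of upper and lower case letters, plus a digit or punctuation.
    needed = (r"[a-z]", r"[A-Z]", r"[^A-Za-z]")
    if not all(re.search(pat, candidate) for pat in needed):
        problems.append("lacks mixed case with a digit or punctuation")
    # Forms to test: as typed, with digit/punctuation affixes removed, and reversed.
    low, core = candidate.lower(), _core(candidate)
    forms = {low, low[::-1], core, core[::-1]} - {""}
    if forms & {w.lower() for w in words}:
        problems.append("dictionary word or a simple pattern of one")
    # Account name and personal details (phone number, plate, ...) anywhere inside.
    known = [k.lower() for k in (account, *personal) if k]
    if any(k in f for k in known for f in forms):
        problems.append("contains account name or personal information")
    # Same core as an earlier password, e.g. only the trailing digit changed.
    if any(_core(p) in forms for p in previous):
        problems.append("related to a previous password")
    return problems

if __name__ == "__main__":
    # Constructed candidates for a hypothetical account "alice".
    for pw in ("Password1", "7nogarD!", "ecilA2024", "Tea;Kettle#Rain"):
        print(pw, "->", check_password(pw, "alice") or "no violations found")
```

An empty result only means none of these checks fired; as the text says of
passwd itself, such a filter isn't foolproof.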