Sunday, November 05, 2006

Strong Passwords

We have been asked to adopt a strong password by November 15th. While I firmly believe this will make us less secure, rather than more secure (read here), we must live with the policy. Microsoft has some suggestions for developing a strong password (more suggestions here and here). The problem with all of the suggestions is that anything which generally makes the password easier to remember also generally makes it easier to crack. So while you might find one that satisfies UWL's requirements to be strong, that does not make it so.

You can randomly generate one here, but you'll never remember it.

To write them down or not? I say no, as it provides another means by which your password can be compromised, yet there is evidence that not writing it down means you use weaker passwords. I guess it is a trade-off; who would have thought that?

An easy method might follow this rule: two words together, one capitalized and the other not, then prepending, appending, or dividing the two words with the number of the current month. Changing the password monthly gives you 12 easy-to-remember passwords. Of course, following a rule makes the system weaker, but at least you will have nominally satisfied the requirements for a strong password without requiring too much mental effort. Merging the two words together, alternating between them one letter at a time, would make this stronger, but more of a pain.
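To put a number on "following a rule makes the system weaker", here is a short Python script (added here as an example; it is not part of the original post and not UWL's code) that builds a password the way the rule above describes, checks it against an assumed complexity policy (the post does not state UWL's actual rules, so 8+ characters with upper, lower and digit is a stand-in), and estimates how many guesses an attacker who knows the rule would have to try compared with a random password of the same length. The word-list size of 5000 is a constructed assumption.

```python
import math
import string

# Constructed assumption: a modest list of common English words an attacker
# who knows the rule would try for each word slot.
DEFAULT_DICT_SIZE = 5000


def build_rule_password(word1, word2, month, position="between"):
    """Build a password following the post's rule: two words, the first
    capitalized and the second not, with the month number before, after,
    or between them."""
    first, second = word1.capitalize(), word2.lower()
    digits = str(month)
    if position == "before":
        return digits + first + second
    if position == "after":
        return first + second + digits
    return first + digits + second


def interleave(word1, word2):
    """The post's 'stronger' variant: merge the two words one letter at a
    time, alternating between them; leftover letters of the longer word are
    appended in order."""
    merged = []
    for i in range(max(len(word1), len(word2))):
        if i < len(word1):
            merged.append(word1[i])
        if i < len(word2):
            merged.append(word2[i])
    return "".join(merged)


def meets_complexity(password, min_len=8):
    """Assumed complexity policy (hypothetical, not UWL's actual rule):
    at least min_len characters containing an upper-case letter, a
    lower-case letter and a digit."""
    return (
        len(password) >= min_len
        and any(c.isupper() for c in password)
        and any(c.islower() for c in password)
        and any(c.isdigit() for c in password)
    )


def rule_keyspace_bits(dict_size=DEFAULT_DICT_SIZE, month_known=False):
    """Bits of guessing work for the two-word-plus-month rule when the
    attacker knows the rule and only the word choices are secret.

    Candidates = dict_size (word 1) * dict_size (word 2)
                 * 2 (which word is capitalized) * 3 (digit position)
                 * 12 (month value, unless the attacker already knows it).
    Interleaving the letters is a fixed transform of the same two words,
    so it does not change this count for an attacker who knows the rule.
    """
    months = 1 if month_known else 12
    candidates = dict_size ** 2 * 2 * 3 * months
    return math.log2(candidates)


def random_keyspace_bits(length, alphabet=string.ascii_letters + string.digits):
    """Bits of guessing work for a uniformly random password of the given
    length over the given alphabet (62 symbols by default)."""
    return length * math.log2(len(alphabet))


def compare(word1, word2, month, dict_size=DEFAULT_DICT_SIZE):
    """Return the rule-built password, whether it passes the assumed policy,
    and the bits of work for the rule versus a random password of equal length."""
    pw = build_rule_password(word1, word2, month)
    return {
        "password": pw,
        "meets_policy": meets_complexity(pw),
        "rule_bits": rule_keyspace_bits(dict_size),
        "rule_bits_month_known": rule_keyspace_bits(dict_size, month_known=True),
        "random_bits_same_length": random_keyspace_bits(len(pw)),
    }


if __name__ == "__main__":
    # Constructed sample words; November is month 11 as in the post's date.
    result = compare("eagle", "river", 11)
    for key, value in result.items():
        print(f"{key}: {value}")
    print("interleaved:", interleave("eagle", "river"))
```

With a 5000-word list the rule yields roughly 2^31 candidates (about 2^27 once the current month is known), while a random 12-character password over letters and digits is around 2^71; the rule-built password still passes the assumed policy, which is exactly the "nominally satisfied" point above.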

The reality is that fewer than half of all security breaches occur through simple frontal assaults on the system. Hackers are cleverer than that; they need not employ brute-force methods. In fact, half of all security breaches occur through much easier means, such as stealing a laptop which has the password or sensitive data stored on the hard drive. Since many of us have laptops, this is probably our greatest vulnerability.

The bottom line:
1. Don't give your password to anyone.
2. Don't log in to computers you don't control. (Yes, I know instructors have to violate this, which is a major weakness, since it is very easy to run keylogging software on those computers.)
3. Don't write your password down, but if you do, don't keep it near your computer.
4. Don't let Windows save your passwords.
5. Don't lose your laptop.

Your UWL eagle password can be changed here. Answers to frequently asked questions here.

Do not forget to change your computer's password. Here are directions for doing that.