Password Management

Passwords are like friends, you can never have too many. 😉  And just like friends, you want to be able to depend on them and treat them right.

Password Complexity

UO has a standard for minimum complexity (at least eight characters long with one upper-case letter, one lower-case letter and one number). Yet even with this standard, it is easy to create easily guessed passwords. For Example “Fall2015” meets the minimum UO standard, but does not look too secure come this expletive bubbleSeptember.

Making a complex password is not too difficult. Combining three or four unrelated common words, with a number included provides a much more secure password. Thus longer less complex passwords will typically be more secure than short arcane passwords that look like a cartoon expletive.

Top 25 Most Common Passwords (you don’t want to use)

2014’s list of the most commonly used passwords starts with “123456” and “password“.

See all 25 passwords

1) 123456

2) password

3) 12345

4) 12345678

5) qwerty

6) 1234567890

7) 1234

8) baseball

9) dragon

10) football

11) 1234567

12) monkey

13) letmein

14) abc123

15) 111111

16) mustang

17) access

18) shadow

19) master

20) michael

21) superman

22) 696969

23) 123123

24) batman

25) trustno1

Different Account = Different Password

All your accounts should have different passwords. Having different passwords for important accounts (UO Duck ID, Credit Cards sites, commerce sites) helps insulate you from addtional identity theft if one of your accounts is compromised.

Change Your Passwords Periodically

The UO requires you to change your Duck ID password every six months. For other important accounts, it is good practice to change your most important passwords periodically.

Change Your Patterns

We often decide on a pattern or a set elements when we create passwords. It is good to change up your patterns when setting a new password as well. avoid just adding a 1 or a 2 at the end of your old password to make a new password.

Avoid Passwords with Personal Information

It good to avoid passwords that contain personal or family information that is easily found on the Internet. A person’s home address, family names, birth dates, etc. can be found all too easily and thus make a password more likely to be guessed.

Browsers Will Store Your Passwords. Think Twice Before Allowing It

All modern Internet Browsers (Firefox, Chrome, Safari, IE) will store your passwords for specific Web addresses. For some sites this might be a useful convenience, but for your most important sites and credentials, this is not a good idea, since your browser allows you, or some logged in as you, to reveal the addresses of the sites you have visited and the passwords you have let the browser store. The good new is that you can clear this information easily from your browser and you can set a browser to never remember any passwords.

Use a Password Manager

There are numerous password management applications and services. They have several advantages over using sticky notes on you computer monitor or keyboard.

Here are a few you may want to evaluate:

Skip to toolbar