Passwords are an extremely important part of information security, and, if not handled properly, passwords can be the weakest link in the college's defenses.
At Colorado College, we enforce the following password standards:
- passwords must be at least 8 characters long;
- passwords must contain at least 3 types of characters (a,b,c... 1,2,3... A,B,C... !,@,#);
- when resetting a password, it must be new and different from your previous 4 passwords (5-password history);
- passwords cannot contain your username or any part of your full name.
- passwords should not be shared with anyone, including family, assistants, or other coworkers (even ITS: staff!);
- passwords should be unique.
- Do not use the same password you have at CC for personal accounts, for example.
- The first thing hackers will try if they obtain your password is to log into online banking, credit card, amazon.com, and other services with the same credentials.
Strong passwords have the following characteristics:
- are not a word in any language, slang, dialect, jargon, etc.;
- are not based on personal information, names of family, etc.;
- are never written down or stored online.
We encourage you to use a passphrase instead of a password. Passphrases are simply longer passwords that are more natural for a human to remember but much harder for a computer to crack because they are so long. Many of us already choose passwords based on phrases to try to make them easier to remember, and so why not actually just use the phrase? For example:
- Password: Iluv2sdy@brns!
- Passphrase: I love to study at Barnes!