In order to improve security and better protect its valuable data, Millersville University has moved to a stronger password standard. Passwords will expire every 90 days. Your domain password must meet the following criteria:
- The minimum password length is 8 characters.
- A combination of three of the following four character types must be used - lowercase, uppercase, numbers, special characters.
- The new password must be significantly different than the last three passwords used.
- Do not use portions of your account name in the password.
In addition to the policy requirements, best practices suggest secure passwords adhere to three principles:
- Passwords must never be written down.
- Passwords must not be predictable.
- Passwords must be unforgettable.
Don't confuse strong with difficult, or simple with insecure. A strong password can be simple to remember if you use a technique for creating it. Here are examples of techniques to create secure passwords. They are examples only, if you use one of them add your own twist to make it uniquely yours.
Replace letters with numbers or symbols.
Let's say you were born in Lancaster, replacing the letter 'a' with '@' and the letter 'e' with '3' would result in the secure password L@nc@st3r. A word as common as Lancaster may break the predictable principle, so we may want to change it a little. Maybe add a couple of characters to it. Maybe an office number. You may end up with something like Lanc@st3r127.
Replace letters in a common word you like with letters on the keys directly above them on the keyboard.
Using this technique changes Lancaster to Oqhdqw534. Again, this technique may be predictable so something should be added to make it just a little more unpredictable, maybe a favorite character, like: Oqhdqw534$
Pick a favorite saying and apply your own formula.
For example, on March 23, 1775 Patrick Henry said "Give me liberty or give me death." This quote could become Gml@gmd75, 17Gmlogmd75, or 03GMLoGMD23.