public:strong_passwords

public:strong_passwords [2011-06-01 12:00] Arno Schoenmakers public:strong_passwords [2017-04-21 11:12] (current) – [Diceware] grit
Line 31: Line 31:
 The safest solution for choosing good passwords is to use a randomly generated or seemingly random password that:  The safest solution for choosing good passwords is to use a randomly generated or seemingly random password that: 
  
 +  * Use a minimum password length of 12 to 14 characters if permitted.
 +  * Include lowercase and uppercase alphabetic characters, numbers and symbols if permitted.
 +  * Generate passwords randomly where feasible.
 +  * Avoid using the same password twice (e.g., across multiple user accounts and/or software systems).
 +  * Avoid character repetition, keyboard patterns, dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past) and biographical information (e.g., ID numbers, ancestors' names or dates).
 +  * Avoid using information that is or might become publicly associated with the user or the account.
 +  * Avoid using information that the user's colleagues and/or acquaintances might know to be associated with the user.
 +  * Do not use passwords which consist wholly of any simple combination of the aforementioned weak components.
  
-  * Is at least 7 characters long, and longer if possible.  +==== Diceware ====
-  * Contains a mix of upper and lower case letters.  +
-  * Includes numerals, special characters, and punctuation.  +
-  * Is not based on any personal information.  +
-  * Is not based on any dictionary word. +
  
-Examples of strong passwords include:  +We also recommend Diceware for generating strong passphrases; easier to remember, easier to type (especially on mobile keyboards) and generally stronger than 8-random-character passwords. It is very important that the words are selected randomly, not taken out of a book or something. We prefer six- or seven-word passphrases. Users are now using ssh keys, and Diceware is great at generating long passphrases that get typed once upon starting up a keyring/session manager. [[diceware_faq|More about DiceWare]]
- +
- +
-  De2#vu  +
-  5sd$oiP  +
-  er89TI +
  
 ==== Writing Down Passwords ==== ==== Writing Down Passwords ====
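Review bot: The retained lead-in still ends "...seemingly random password that:", but the new bullets are imperatives ("Use a minimum password length...", "Avoid..."), so the sentence no longer reads into the list; reword the lead-in or rephrase the bullets so they complete it. In the Diceware paragraph, the comparison against "8-random-character passwords" sits oddly beside the new 12 to 14 character minimum a few lines above; compare against that length or drop the figure. The first Diceware sentence is also a fragment after the semicolon, and the link title "DiceWare" does not match the "Diceware" spelling used in the heading and body.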
Line 55: Line 54:
 ==== Password remembering tools ==== ==== Password remembering tools ====
  
-There are tools that can store passwords for you, making them accessible by only remembering one 'master' password. In these tools you can store system access passwords, web-page passwords, etc. A reliable tool is [[KeePass|http://keepass.info/]] which works on almost all OSes. This tool also checks the strongness of user-chosen passwords, or it can provide a strong password for you (and remember it).+There are tools that can store passwords for you, making them accessible by only remembering one 'master' password. In these tools you can store system access passwords, web-page passwords, etc. A reliable tool is [[http://keepass.info/|KeePass]] which works on almost all OSes. This tool also checks the strongness of user-chosen passwords, or it can provide a strong password for you (and remember it).
  
 ==== Reusing Passwords ==== ==== Reusing Passwords ====
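Review bot: The corrected KeePass link on the changed line still targets plain http://keepass.info/; since this is where readers are sent to obtain a password manager, an https:// target would be preferable if the site serves it. While the line is being touched, "strongness" could also be changed to "strength".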
  • Last modified: 2011-06-01 12:00
  • by Arno Schoenmakers