The rules for changing your password are as follows:
- Must begin with a letter
- Minimum 12 characters, Maximum 30 characters
- Must use at least 3 of the following 4:
- An UPPERCASE letter (ABCDEFGHIJKLMNOPQRSTUVWXYZ)
- A lowercase letter (abcdefghijklmnopqrstuvwxyz)
- A number (0123456789)
- A special character (! @ # $ % ^ & * - _ + = [ ] { } | \ : ' , . ? / ` ~ " < > ( ) ; are allowed)
Instead of a password start thinking in terms of a passphrase.
- Since there is a minimum of 12 characters for passwords it's easier to think of a phrase that you can remember:
Example: I donate money to the 4-H
Resulting pass-phrase: Idonate$2the4H
- Take advantage of the allowed special characters and the length of 30 characters. In general, the longer the password the more secure.
- It's best to avoid words found in the dictionary but sometimes combining short words for a pass-phrase is okay.
Example: Great fun for all
Resulting pass-phrase: Gr8_Fun_4_All
- Use numbers as part of words but don’t substitute digits for characters such as using zero in place of the letter O or the digit one instead of the letter L or I.
Good password: h8_not_h@s!
Bad password: n0tg00dpassw0rd
- Avoid using any words associated with Auburn University such as WarEagle or Tigers. Instead you drop the vowels, add an adjective, etc.
Example: Tigers are number one forever
Resulting passphrase: TgrsR#1_4ever
- Don't use other easily obtained information about yourself. While using this information may create a password easy to remember, people that know you may easily figure it out. For example, don't use:
- your username
- your name
- name of a relative or friend
- license plate numbers
- phone numbers
- social security numbers
- the make of your automobile
- the name of the street you live on
- the room number or building in which you work, etc.
- Don't use a word that could be considered banned. That being said, there is no specific list of banned words. A banned word can be any word found in the dictionary or any word listed in the example above. Simple words are easily hacked. The more complicated the "word" or passphrase, the better.