All accounts on every machine should have a secure password
that adheres to the following guidelines:
- At least six characters (numbers, punctuation, upper- and lower- case letters)
- Does not contain the user ID or any names (forward or reverse)
- Does not contain personal information (forward or reverse) such as phone numbers, license plates, addresses, birth dates of immediate family members, etc.
- Is not a word in any dictionary (forward or reverse), e.g. English, French, Spanish, Klingon, Elvish, biographical, medical, etc.
- Is not a word with simple substitutions such as 3 for E, 0 for O, 4 for A, or 5 for S.
- Is not a word with a single digit added to the end, e.g. secret1.
- Change the initial password immediately upon login, and periodically thereafter.
Some examples of secure passwords are:
- I'mGr8
- E=mc^2
- "Trix"R4kids
- sqrt(64)=8