Security: Passphrases & Passwords


There may be broken links in this article, the GROK staff has been notified and is working to resolve the issue.


A password is a common form of authentication and is often the only barrier between you and your personal information. There are several tools that attackers use to assist in guessing or cracking a password.  By creating a complex password and keeping it confidential, you make it more difficult for hackers to gain unauthorized access to your information.  Why do I need a Password?

Advice on Choosing a Password

Secure and complex passwords are often thought of as burdensome.   With required 15-character minimum length, use of upper & lower case letters, and the use of a number or special character, this can often seem like too much to remember.  Thankfully, there is an easier way... you can enter a passphrase.  A phrase meets the requirements on length and complexity, but it is easier to remember.  

For some ideas on coming up with a passphrase, consider the following examples:

  • "Tiger123"
    • This password is short and easy for you to remember.  It is important to realize, this password would also be easy to figure out or guess.  This is an example of a VERY insecure password.
  • "T1g3rudhxn!vo?LSU"
    • This password is much more complex, but also much harder to remember.
  • "Aren't tigers awesome and number 1 in the nation?"
    • This passphrase is long, complex, and easier to remember than the previous example.
       

DO NOT USE ANY of the Passwords OR Passphrases used as examples in this article for YOUR ACTUAL PASSWORD!
 

Remember a Complex Password

Full sentences and phrases are VERY secure because of the complexity and multiple ways in which they can be constructed. There are many ways "Aren't tigers awesome and number 1 in the nation?" could be written.  As a result, it is more difficult for attackers to guess and it is harder for password cracking tools to decipher.

LSU passwords CAN contain spaces, making a passphrase an ideal solution.  

Question:  

I try to keep my passwords in sync or similar to each other to make it easier to remember them.  It is difficult to do this with such HIGH password requirements.  

How should I handle the password for the other web services that I use?   For example, passwords for other web services that DO NOT allow spaces or have a very short maximum length.

Answer:  

A Passphrase can be a viable solution by using abbreviations. Consider the following examples:

  • "Where oh where has my little 1 gone?"
    • This passphrase may be too LONG for many web sites or web services.
  • "Wowhml1g?"
    • This abbreviated version of the previous password is now much shorter.  It appears random and is difficult to guess, however it is easier for you to remember since you know the phrase that it originates from.  
       

Steps to Change Your Password

Change Your MyLSU Account Password
 

Referenced from: Microsoft.com
16865
5/21/2019 3:11:28 PM