Computer Protection Program Berkeley Lab
Computer Protection Program at Berkeley Lab Security
Ernest Orlando Lawrence Berkeley National Laboratory
  PROCEDURES FOR SECURING SYSTEMS  
Passwords  


To protect your own computer account(s) as well as the security of the Lab in general, you must select and utilize "good" passwords and protect them carefully.

Password Policy

As a Berkeley Lab employee, you are required to follow the LBNL password requirements in the RPM when choosing, maintaining, and protecting your passwords. An abbreviated summary of the key password requirements is below.

  • Configure systems to require the use of secure passwords or other secure credentials wherever possible.
  • Passwords must contain at least eight nonblank characters.
  • Passwords must contain a combination of upper- and lowercase letters, numbers, and at least one special character within the first seven positions.
  • Passwords must not contain the user ID, friend's or relative's name, employee number, Social Security number, birthdate, telephone number, common words from an English dictionary or a dictionary of another language with which the user has familiarity, commonly used proper names, including the name of any fictional character or place, or simple pattern of letters or numbers such as "qwertyxx" or "xyz123xx."
  • Passwords must be changed at least every six months, immediately after sharing, and as soon as possible after a password has been compromised or after the user suspects that a password has been compromised.

A good practice is to use different passwords for different systems, so that if an intruder deciphers one password and gets into one computer, the same password won't automatically allow access to other systems.

Choosing a Password

Choosing good passwords is really more art than science. Hackers have tools that can break any password found in a dictionary or that is a simple transformation of a dictionary word. But choosing a good password you can remember can be a challenging task. Here is one idea to help you create and remember good passwords.

Think of an easy-to-remember phrase, such as "It's Easy To Create Good Passwords!". From this phrase, extract the first letters and special characters. Also substitute the number 2 in place of the word "to" and vary the case of the letters. This method leads to a password of I'sSe2CgP!

Examples of Good Passwords

1C'tRmU&P Which is tied to the phrase, "I Can't Remember My Username and Password"
F!,@GpA55w0rDs Which is loosely tied to the phrase, "Finally!, A Good Password Scheme"

Examples of Bad Passwords

alec7 Based on the user's name, too short, no special character
PORSCHE911 Proper name, in the dictionary, no special character
qwerty_ui Letter series
merde3 In a French dictionary; too short; no special character
zeo$lite In a geological dictionary, no number
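
The mechanical parts of the policy summary above (length, character mix, special character in the first seven positions, banned content, simple patterns) can be checked in code and run against this page's good and bad examples. This is an added example, not Berkeley Lab code: the function names, the three-word `WORDLIST` and the three-character pattern run are assumptions, and a real check would use full dictionaries and name lists.

```python
import string

# Constructed stand-in for a real dictionary / proper-name list (assumption).
WORDLIST = {"porsche", "merde", "zeolite"}
# Sequences treated as "simple patterns"; flagging runs of 3+ is an assumption.
SEQUENCES = ("qwertyuiop", "asdfghjkl", "zxcvbnm",
             string.ascii_lowercase, string.digits)


def has_simple_pattern(password, run=3):
    """True if `run` consecutive characters follow a keyboard row, a-z or 0-9."""
    lowered = password.lower()
    windows = {lowered[i:i + run] for i in range(len(lowered) - run + 1)}
    return any(w in seq for w in windows for seq in SEQUENCES)


def check_password(password, user_id, personal_terms=()):
    """Return the policy rules the password violates (empty list = compliant)."""
    problems = []
    if len([c for c in password if not c.isspace()]) < 8:
        problems.append("too short")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    # "Special" is taken to mean ASCII punctuation; it must sit in positions 1-7.
    if not any(c in string.punctuation for c in password[:7]):
        problems.append("no special character in first seven positions")
    # Compare letters only, so "zeo$lite" still matches "zeolite".
    letters = "".join(c for c in password.lower() if c.isalpha())
    banned = [t.lower() for t in (user_id, *personal_terms) if t]
    if any(t in password.lower() or t in letters for t in banned):
        problems.append("contains user ID or personal term")
    if any(word in letters for word in WORDLIST):
        problems.append("dictionary word or proper name")
    if has_simple_pattern(password):
        problems.append("simple pattern")
    return problems


if __name__ == "__main__":
    # Passwords taken from the examples on this page; user ID "alec" is assumed.
    for pw in ["1C'tRmU&P", "F!,@GpA55w0rDs", "alec7", "PORSCHE911",
               "qwerty_ui", "merde3", "zeo$lite"]:
        print(f"{pw!r}: {check_password(pw, user_id='alec') or 'OK'}")
```

The checker cannot enforce the six-month change rule or detect sharing; those need account metadata, not the password string.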

Remember/Store Passwords with "Password Safe"

Remembering numerous passwords can be a challenge. A free tool called "Password Safe" is available from Counterpane Labs. Password Safe offers a simple way to store all of your passwords in an encrypted "safe" on your Windows computer. You only need to remember a single password to "open" the "safe" and retrieve one of your many other passwords.

Password Safe is available at: http://www.counterpane.com/passsafe.html.
