Good vs. Bad Passwords
While the example given in this site's introduction is admittedly an extreme, it serves to illustrate a very important point: protecting your password is your responsibility; no one else can do that for you.
A bad password is one that does not keep unauthorized users out of the system. Examples of bad passwords include (but are certainly not limited to) any name, birthday, SSN, driver’s license, number, pattern, course number or trivial combination of the above.
In this document, we focus on empowering users to choose good passwords rather than giving an abundance of examples of bad ones. Over the last several years, security experts have weighted the pros and cons of the tradeoff between security and convenience. Several ideas have emerged that help a user choose a password that is both easy (for them) to remember and hard (for bad guys) to guess. TRG encourages users to adopt a policy we’ve called “obfuscated phrase passwords.” Don’t panic – they’re not nearly as hard to understand as the name might imply.
To generate an obfuscated phrase password, simply follow the steps below.
Once you have typed it a few times, the resulting password (t1DmwwYg$t¢) is one that is both relatively easy for you to remember, and hard for anyone else to guess. It should be noted that the above password would be a good password, except for the fact that it has appeared in this document – it is now a very bad one.Introduction < Good Passwords vs. Bad Passwords > Advanced Password Options