Skip to Content

KV Help Image

Selecting a Good Password

As you choose your password, remember that there are a number of things that a good password is NOT. None of the following should ever be used:

  • Your name. The name of your spouse, child, or pet.
  • Anyone's name (real or fictional).
  • Any word in an English dictionary.
  • Any word in a foreign dictionary.
  • Any word that is printed, published, or written down anywhere by anyone.
  • Your phone number, address, SSN, birth date (or those of anyone you know).
  • A place.
  • A proper noun.
  • A string of the same letter (like aaaaaaa).
  • Simple keyboard patterns (like asdf or qwerty).
  • Any of the above with a single digit or symbol before or after it.
  • Any of the above backwards.

A good password DOES have the following properties:

  • Both upper and lowercase letters.
  • A mix of letters, symbols, and numbers.
  • Easy to remember (so it doesn't have to be written down).
  • Can be typed quickly so someone standing behind you won't be able to easily see what you're typing (often called "shoulder surfing").
  • Known by you AND ONLY YOU.
  • Your password may not be the same as the last password you set for this system.

It may sound hard, but coming up with a secure password isn't that difficult. For example, take two short words and combine them using a symbol like "bot4mine" or "eye-con". Even better, capitalize some of the letters. Or, make up an acronym that means something to you or reminds you of a phrase. For example, "Twinkle, twinkle little star." Take the first letters, reverse the word star, swap in a #1 for the "l" and a #5 for the "s" (same approximate shape) and you get "Tt1rat5". It looks totally random, and is nearly impossible to figure out, but you have a mnemonic to help you remember it.

As a good practice, change your password at least every other month and don't re-use them. And NEVER write a password down anywhere (unless you promptly eat the piece of paper).

Finally, note that the examples "bot4mine", "eye-con", and "Tt1rat5" are all now bad passwords because they are written down somewhere (in this message).