Creating a Password

Creating a secure password is very important, because unauthorized users are often able to steal accounts or gain access to a system by guessing passwords. People who try to gain unauthorized access to a computer or a specific account are called "crackers". If your account is compromised, because of either a bad password or other means, the cracker can not only remove or modify any of your files, but he/she can also attack other users on the system, or other systems on the network.

Good passwords are difficult to create; care and thought should go into each one. Here are some guidelines for choosing passwords.

Some examples of bad passwords are:

• your login in any form (as-is, reversed, capitalized, doubled, etc)
• any first or last name, regardless of ordering or capitalization
• license plate numbers
• phone numbers
• social security numbers (in whole or part)
• street, city, state or country names
• any word found in a dictionary, English or other
• cartoon characters
• names of pets

Good passwords are usually pieces of several words, with odd capitalizations. A good password may include punctuation or other non-alphabetic characters. Using digits in unexpected locations can make a password better.

To change your Saint Mary's password (e-mail, network drives, Blackboard), visit http://www.saintmarys.edu/account, and click on the Select button to change your password. Follow the instructions provided. Passwords should be at least six characters and no more than eight characters.

Some examples for passwords (please do not use these examples for your own password):

Bad password: goirish
Better password: g01r1sh
Good password: g01Ri8hP
Good password: 1Cr4irFt

Why is goirish a bad password? Because it contains words that are easily found in a dictionary and is relatively easy to guess on our campus.

Why is g01r1sh better? Because it mixes up letters and numbers.

Why is g01Ri8hP a good password? Because it mixes up letters and numbers, and also has a combination of upper and lower case letters. It also has a random letter at the end to make it a little harder for others to guess, but you still have a way of remembering it. Also, at first glance, the phrase it represents is not obvious.

Why is 1Cr4irFt another example of a good password? By looking at it, it seems meaningless. However, if you knew the phrase used to create and remember it, it can be easy for you to remember and difficult for others to guess. (I cheer for Irish football.)

Please do not use special characters for your passwords at Saint Mary's College - the various cluster computer logins and some other servers on campus have restrictions on which characters you can use in a password. If you create a password with a symbol, it may work for some servers on campus, but you may be blocked from using other servers because it won't recognize the symbol in your password.

Please note: It may take up to ten minutes for a password change to take effect on all of our servers on campus, so you may want to wait a while after changing your password before you try the new one.

Keeping Your Password Secure

You should change your password as soon as you get an account, and then you should change it at least once a year, just to be sure it hasn't been discovered and is being used by anyone else. Don't write your password down - that makes it too easy for someone to discover it. You should choose a password that you can remember, but difficult for others to guess.

Don't tell anyone what your password is, under any circumstances. This includes friends, significant others, siblings, and parents. No one has any reason to know your password other than you! There are crackers who have been known to send mail that appears to be from the system administrator, asking you to change your password to something they give you. Don't ever do this! There is no legitimate reason for anyone to ask for your password. If you ever get mail like this, delete the message. If you do, for some reason, give out your password to someone, change it immediately!

To help keep your password secure, Information Technology will not honor any requests for password resets/changes made over the phone. To request that your e-mail password be reset, you will need to visit the Helpdesk (123 Haggar College Center) with a photo ID card. To request that your PRISM password be reset, you will need to visit the Helpdesk (123 Haggar College Center) with a photo ID card or send a password reset request to helpdesk@saintmarys.edu from your Saint Mary's e-mail account.