:lol: Don't Use: [*]Any part of your name - first, last, or middle [*]Your initials [*]Your social security number [*]Names of friends, family, or pets [*]Birthdays [*]Phone numbers or addresses [*]Any other personal information that could be guessed [*]Place names [*]Words from the English dictionary [*]Words from a foreign dictionary [*]Your username or login name [*]Your computer's name [*]Repetition of the same letter [*]Sequences of keyboard keys, such as "12345" or "qwerty" [*]Any minor variation of the above, such as spelling backwards or appending a character to the end of your name Do Use: [*]Special characters (*!$+) mixed with letters and numbers [*]Mixed upper- and lower-case letters - putting capitals in random locations throughout a password is effective [*]Punctuation characters mixed with letters and numbers [*]Nonsense words that are easy to pronounce but aren't in any dictionary [*]Six or more characters Hint: A good way to choose a secure but easily remembered password is to use the first character of each word in a phrase. For instance, "Asb*Mf" stands for "April showers bring May flowers"; the asterisk in the middle is included for extra security. (Don't use this password!) Important: Change your password every month or two, and never give it out to anyone. If someone has learned your password, change it immediately. Choose a password you can remember so you don't have to write it down. Avoid letting people observe you typing your password. Rules Your password must conform to the following rules: [*]It must be at least 7 characters long. [*]It must not be a word that appears in the dictionary of common English and non-English words. [*]It must not be a dictionary word followed and/or preceded by 1 or 2 characters. (For example, 9cheval, 99cheval, cheval9, cheval99, and 99cheval99 are not valid.) -------------------------------------------------------------------------------- Suggestions To create a password that is easy to use but difficult for people or password cracking programs to guess, we suggest you try one or more of the following techniques: [*]Longer passwords are better passwords. If you use a Macintosh, however, you might occasionally have to make your password 7 or 8 characters long. Some Mac-based computer services do not allow passwords longer than 8 characters. Learn how to change passwords quickly, so you can briefly change to a 7 or 8 character password whenever you must make use of a Mac-based service (such as AppleShare), then change back. [*]Remove all the vowels from a short phrase. Example: llctsrgry ("All cats are gray") [*]Use an acronym: choose the first or second letter of your favorite quotation. Example: itsotfitd ("It's the size of the fight in the dog") [*]Mix letters and non-letters in your passwords. (Non-letters include numbers and all punctuation characters on the keyboard.) [*]Transform a phrase by using numbers or punctuation. Examples: Idh82go (I'd hate to go), UR1drful (you are wonderful). [*]Avoid choosing a password that spells a word. But, if you must, then: Introduce "silent" characters into the word. Example: va7ni9lla Deliberately misspell the word or phrase. Example: choklutt Choose a word that is not composed of smaller words. [*]Add random capitalization to your passwords. Capitalize any but the first letter. Example: eIeIoH!, o.U.Kid What the System Checks For Dictionary Words The password-checking system screens all passwords against its own large dictionary of 1.4 million English and non-English common words. The words in most major languages are represented, spelled forward AND backward. Any words found in this dictionary are rejected as passwords. Random Suffixes and Prefixes Many people attempt to disguise a dictionary word by adding random characters at the beginning or end of the word. The system automatically screens for this technique. For example, the passwords below would not be allowed: nameXX nameX Xname XXname XXnameXX (No matter what X or XX is.) Non-Letters As Letters Many people try to use certain non-letters as letters within their passwords. The system automatically translates all of the following non-letters into letters before looking up words in its dictionary: $ = s 4 = h 2 = a 3 = e 0 = o 1 = l 1 = i Passwords like $omething or cha1rman would therefore be rejected. Capitalization SUNet ID passwords are case-sensitive: uppercase and lowercase letters are considered to be separate letters (except at the beginning of a word). Capitalizing random letters in a dictionary word (caRpoRTS) will not, however, fool the screening program. The point is to capitalize letters in a non-word password, in order to provide another layer of complexity against other password-cracking programs. Obvious Tricks The system automatically screens out passwords set in the following manner: [*]Passwords based on a dictionary word spelled backward (lacigoloib). [*]Passwords based on two dictionary words in a row (dogdog). [*]Passwords based on the person's login name. [*]Passwords that are all white space. [*]Passwords that contain control characters. [*]Passwords that are all numbers. [*]Passwords with several repeating characters (aaaaaaaa or aaaabbbb or abababab). [*]Passwords that do not have more than four characters that differ from the previous character by one (1234abcd). [*]Passwords with license plate patterns (daaaddd). [*]Passwords with social security patterns (dddsddsdddd). [*]Passwords with phone number patterns (dddsdddd or dddsdddsdddd).