Canisius College has some basic password requirements. Within these rules, you can create almost limitless combinations of characters that make quite strong passwords:
At least eight characters long.
A mixture of alphabetic letters and numbers.
At least one "special character."
Allowed special characters are: ! # % * + - / : + ? and _
Disallowed special characters are: @ $ & “ ( ) , < > ` = ; and the space character.
Cannot contain your name.
Professor James Moriarty, the evil criminal genius from Arthur Conan Doyle's Sherlock Holmes stories. He probably wants to get into your Canisius accounts, so he likes weak passwords.
OK, I get it, those are the rules. But how do I keep thinking up strong passwords?
Strong passwords try to get away from familiar combinations of letters and numbers, by cleverly employing characters in unfamiliar ways.
The strongest passwords:
do not contain your name, your username, “Canisius,” “College,” your department, office, or unit name,
do not include simple information about yourself, your job, or your life that could probably be found through web searches (ex. your building name or office number, children's or spouse's names, or date of birth),
do not contain a complete word or words spelled out with letters only, like "SocketWrench," "OldShoes," "Ice_Cream," "Mikes*laptop," "Sallystablet," "myMacBook," or...(sigh)..."Password,"
do not consist of simple keyboard patterns, such as QWERTY, or 45678,
are significantly different from previous passwords,
contain numbers symbols, uppercase and lowercase letters,
and are longer than simply eight characters.
So, for example, "SimpleCode-1" meets the official requirements. But because it contains complete words, it is not as strong as it could be.
Choose words or phrases that have special meaning to you, so you're more likely to remember them. Then, re-spell them using symbols and numbers in place of similar letters.
5!mp!eC0de# is stronger, with letters replaced by numbers and symbols.
The more characters a password has, the more secure it is. Twelve characters is a good minimum.
A longer password may seem difficult to remember, but consider a song lyric, a verse, or any other sentence or clause you can jumble with capitalization, numbers, and symbols, or make into an acronym. It’s even better if you can include deliberate misspellings. Bear in mind that you cannot use the spacebar.
“I love my greyhound!” can be “1LuvmyGrey#0und!”
“What Hath God Wrought?” can be (with two Vs for each W, and a zero for "o") “VV#at#at#G0DVVr0ug#t?”
Another possibility is creating acronyms. So "Your taun-taun will freeze before you reach the first marker!" can be (with a # replacing the first two "t"s, and two "v"s for W), "Y#vvfbyrtFM!"
In this way, simple phrases, verses, lyrics, or sentences that have special meaning to you can become formidable passwords.