Once received, it's a message that seems user-unfriendly. In an alert sent on the last day of Nov., IS declares a stronger password policy being applied to passwords in eServices. From now on, a system user has to satisfy these requirements when changing or creating a new password:
- Must be at least eight (8) characters and not more than fifteen (15) characters in length
- Cannot exceed two (2) consecutive characters of the user’s account ID/name
- Must select a security question and type in an answer
- Old passwords cannot be reused
- Must contain characters from three (3) of the following four (4) categories:
- Uppercase alpha characters (A-Z)
- Lowercase alpha characters (a-z)
- Numeric characters (0-9)
- Special characters (! @ # $ % ^ & * ( ) - _ = + \ [ ] {} ; : / ? . >)
Worse, if users do not change their password by Jan. 31, they will be locked out of the system.
Of course, we all know that a hard-to-guess password helps to improve security. But the most secure password, one that is totally randomly generated and meets the above requirements, will become your brain teaser until you either internalize it or forget it. On the other hand, a password that contains a readable word isn't that secure to begin with.
So, is there a simple way to come up with a complex password? Apparently, Farhad Manjoo does not consider this task an oxymoron. The technology columnist for the online magazine SLATE wrote in July to share his technique "to create passwords that are near-impossible to crack yet easy to remember. Even better, it'll take just five minutes of your time. Ready?" Click here to learn his technique.
No comments:
Post a Comment