| |
|
|
|
| Guidelines |
| |
In order to protect your personal electronic data, setting a strong password is vitally important. Below are the guidelines to set a strong password: |
| |
● |
Password minimum length |
| |
|
Set your passwords at least eight characters composed of random letters, digits and punctuation (for examples #, $, % and spaces) and; |
| |
● |
Composition |
| |
|
A good rule of thumb is never use dictionary words and personal related information such as name, the NetID, birthday date, telephone number, HKID and user ID, etc. |
| |
● |
Reuse of passwords |
| |
|
Use different sets of passwords in different systems for examples mix upper and lower case letters; mix letters and numbers; include non-alphanumeric characters and; |
| |
● |
Password aging |
| |
|
You should change your password regularly such as in every 180 days. |
| |
|
|
|
| Examples |
| |
Examples of strong passwords: |
| |
1. |
A combination of several words that aren't themselves a word interspersed with special characters (e.g., !4scOrE&sDayNYeaRs_ag0) |
| |
2. |
A word with digits of a memorable date sprinkled inside it (e.g., vacation -> 0vac2a0t9io19ln99) |
| |
Examples of weak passwords: |
| |
1. |
Use of repeated numbers, characters or sequences such as 12345678, bbbbbbbb, or 33333333 |
| |
2. |
Use of words in dictionary such as the word “password” |
| |
3. |
Use of personal related information HKID such as “Y6754815” |
| |
|
top
of page |
| Fact |
| |
The purpose to set a strong password is to minimize the potential risk of unauthorized access to important data and use of computing resources. The table below can give you some idea of how long it takes to crack different passwords. From there, you can see that it takes 24.2 days to crack a 8-characters password in pure lower case letters and it takes 17 year to crack a 8-characters password in mixed characters. You can see the importance of setting a strong password:
| |
Total Number of Characters from Which Password is Selected |
| Number of Characters in Password |
26 (lower case letters only - abc) |
36 (lower case letters plus numbers - abc123) |
52 (upper and lower case letters - AaBbCc) |
| 5 |
1.98 minutes |
10.1 minutes |
1.06 hours |
| 6 |
51.5 minutes |
3.74 hours |
13.7 days |
| 7 |
22.3 hours |
9.07 days |
3.91 months |
| 8 |
24.2 days |
10.7 months |
17.0 years |
| 9 |
1.72 years |
32.2 years |
8.82 centuries |
| 10 |
44.8 years |
1.16 millennia |
45.8 millennia |
| 11 |
11.6 centuries |
41.7 millennia |
2,384 millennia |
| 12 |
30.3 millennia |
1,503 millennia |
123,946 millennia |
|
| |
|
| Useful tools |
| |
Below are some useful tools which may assist you to set a strong password: |
| |
1. |
Password Checker |
| |
2. |
Secure Password Generator |
| |
3. |
Secure Password Generator (Firefox Add-ons) |
| |
|
|
top
of page |