Use Strong Passwords
Use Strong Passwords
Create passwords that are unique and hard to guess. Use 2-step verification where it is available.
A password is how you prove you are you. Technology has gotten better and better, isn't it time to improve the way you handle passwords? Read the links below to help you create a strong password, manage all your passwords in a password manager, and enable two-step verification to protect against account theft.
Create a Strong Password
Privacy, Please
How to Manage
Refuse to Reuse
Set It Up
Resources 
Bad - Things to Avoid
Do you use any of these as a password, or use them in combination with a single dictionary word? If so, you need to upgrade your password to something stronger.
-
Four Digit Years
Examples: 19XX, 20XX, other anniversaries or famous years like 1776 or 1066
-
"Password"
Examples: pass, password, p@$$word or any variant
-
Sports References
Examples: footballfan, hockey, gosox
-
Names
Examples: pets, spouses, children, grandchildren, celebrities
-
Personal Information
Examples: your name, email address, phone number, or social security number
-
Keyboard Patterns or Sequences
Examples: qwerty, asdf, 123456,abc123
Good - Passwords
A good password will meet the following requirements
-
An English uppercase character (A-Z)
-
An English lowercase character (a-z)
-
A number (0-9) and/or symbol (such as !, #, or %)
-
Ten or more characters total.
One way to do this is to start with a word you will remember:
pamphlet
Then add elements from the criteria listed above.
pAMPh$3let
Better - Passphrases
Passphrases are longer and more complex than passwords. They are easier to remember, but more difficult to guess.
Method A: Convert a Phrase to an Acronym
Choose a phrase you can remember and reduce it to the first letters of each word, working in some numbers, capitalization, and punctuation.
Mccic:Iiig,web? -> Mint chocolate chip ice cream: If it isn't green, why even bother?
Method B: Unique Phrase
Pick 4-5 Letters (MISL) and then make a phrase using words that start with each of those letters. Add a number or punctuation if it makes sense.
Miami!!ItSoundsLovely
MaybeIncludeSmallLobsters?
Best - Password Managers
LastPass premium is currently offered at no cost to all members of the Harvard community.
The strongest passwords are created by password managers, software that generates and keeps track of complex and unique passwords for all of your accounts. All you have to remember is the password to the password manager. When choosing a password manager, choose one that supports 2-step verification.
Keep your passwords private and don't share them with anyone. Support services will never ask you for your password by phone or by email.
How to Manage
You have dozens of accounts, and that means you need dozens of strong passwords. Thankfully, there are applications to help you keep track of them. A password manager will help you create, use, and store passwords easily. LastPass premium is currently offered at no cost to all members of the Harvard community.
Using the same password for all your accounts is very risky. If your account for any service is compromised, all of your accounts are put at risk. Use a unique password for every account.
When you enable two-step verification, any time you use your account on a new device, an authorization code will come to your phone. Without the code, a password thief cannot take control of your account. It is the single best way to protect your account from cyber criminals. Two-step is available for most services at Harvard and beyond.
