Skip to navigation content (Press Enter).

Best Practices for Passwords

Choosing a suitable password for your MAC ID

A poor or weak password:

  • Contains less than eight characters
  • Is a word found in a dictionary (English or foreign)
  • Is a common usage word such as:
    • The name of a family, pets, friends, co-workers, fantasy characters, etc.
    • Computer terms and names, commands, sites, companies, hardware, software.
    • Birthdays and other personal information such as addresses and phone numbers. A word or simple number pattern like 1234, ///, 1111, aaaa, abcabc, aaabbb, qwerty, zyxwvuts, 123321, etc.
    • Any of the above spelled backwards.
    • Any of the above preceded or followed by a digit (e.g., secret1, 1secret)

A strong password:

  • Contains both upper and lower case characters (e.g., a-z, A-Z)
  • Has digits and punctuation characters as well as letters e.g., 0-9, !@#$%^&*()_+|~-=\`{}[]:";'<>?,./)
  • Is at least eight alphanumeric characters long.
  • Is not a word in any language, slang, dialect, jargon, etc.
  • Is not based on personal information, names of family, etc.
  • Should never be written down or stored on-line.
MAC ID Passwords must be a minimum of 8 characters in length and include characters from at least two of the four groups below:
  1. Uppercase letters A, B, C, ... ,Z
  2. Lowercase letters a, b, c, ...,z
  3. Numerals 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
  4. Symbols found on the keyboard: (All keyboard characters not defined as letters or numerals)` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /

Although Windows passwords can be up to 127 characters long, it is recommended that you keep passwords to 14 characters or less.

Choose strong passwords rather than weak passwords.

Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be: "Never Go Down A Volcano Alone" and the password could be: "NgD0wn@va" or "NgDaVal0n3" or some other variation.

Use a password that can be typed quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by looking at your keyboard (also known as "shoulder surfing").

Change passwords regularly. The more critical an account to network integrity (such as root on a Unix host or Administrator on Windows NT), the more frequently the password should be changed. This change stops someone who has already compromised an account from continued access.

Service Desk

Hours: Monday - Friday
8:30 am - 4:30 pm
Phone: 905-525-9140 x24357 (2HELP)
Email: uts@mcmaster.ca
Location: Main Campus BSB Rm. 245
Service Catalog:
http://www.mcmaster.ca/uts

UTS QuickSupport


UTS QucikSupport Download
More information...

Service Bulletins

  • There are no Service Bulletins at this time

Important Topics