Passwords
Password management is critical. Your password protects you from unauthorized access to your computer accounts. It protects both your personal information and, in the case of medical students, clinical staff, and clinical faculty, the private information of patients.
Ensure that your passwords are known only to you
It is critical that you never share your passwords with anyone else and that you do not keep written logs of your passwords that someone else my find and use. Do not send your password over email. Treat your password as sensitive, confidential information.
Create a password that will be accepted by all UCSD systems
Selecting your password may be difficult because it must be something that is easy for you to remember but which is not easy for anyone else to guess. It must also be something that can withstand the brute force attacks of password cracking tools. Password cracking tools are very effective at testing vast quantities of letter and number combinations until a match is found. Your password should not be any word found in a dictionary, a proper noun, foreign word, or a word written backwards. You should also not use personal information such as your address, phone number, pet's name, maiden name, mother's maiden name, license plate, or anything else that someone could easily learn about you. A secure password should meet the following criteria:
It is 7 or 8 characters long
It contains characters from at least 3 of the following 4 groups:It is NOT a dictionary word or proper name- Lower case letters
- Upper case letters
- Numbers
- Non-alphanumeric characters (punctuation)
It does NOT contain : (colon)
It does NOT contain any part of your name
Change your password frequently (Password Maintenance)
Password maintenance refers to the practice of changing your password frequently in order to maintain its security. In general, the older a password is, the less secure it is. Security experts differ on how frequently a password should be changed but a good guideline is every four to six months. One way to remember to change your password frequently is to link it to another event in your life like dentist visits or oil changes on your car. You should also change your password whenever you suspect that it may have been compromised. If you visit another city or campus and login to any system without using an encrypted login program such as SSH, then you should change your password upon your return.
Academic Computing Services also has information online about password security.
