Password Managers

Why do I need a strong password?

What constitutes a strong password?

There are a few factors that contribute to a password being strong. Here are some important ones:

LENGTH It takes the average password cracker about 8 hours to guess all possibilities for (or brute-force) a random 8-character password. For a 12 character password? 200 years.		Password: ***************
@#$%^& *()_+= {}[]\| :";'`~	CHARACTER VARIATION If you just use letters or numbers you are missing out on an entire layer of security. Symbols like ~`;:[]{}()+=&^%'" make passwords much stronger. The difference in time for a computer guessing a 12-character password with letters and numbers versus one with symbols is thousands of years
RANDOMNESS Passwords that are predictable are easy to break. Use a password manager to generate truly random passwords.
Sharing is not caring	UNIQUENESS Never use same password for multiple website. If one of your accounts gets breached, anywhere else you have used that password will be breached as well.

Passwords and Passphrases

A password is a short (up to 12 characters) string that uses numbers, letters and symbols. When we think about passwords, we think of a word found in a dictionary. Password variations can be predictable:

• If we are required to use uppercase letters, we put the at the beginning of the password.
• If we are required to use numbers and symbols, we put them at the end of the password.
• Sometimes, we change alphabet characters for numbers or symbols. For example: S is replaced by $, or E is replaced by 3.
• In an assessment at USU, about 1 out of 3 passwords were guessed.

A passphrase is a long (16 or more characters) sentence that we can easily remember. The advantage of passphrases is that they are longer than passwords, which makes them harder to guess. Consequently, we want to think of passphrases instead of passwords.

Examples of Strong Passphrases

To generate a strong passphrase, take a sentence that does not make any sense and has not been published before (otherwise it might be in a cracking dictionary), which includes numbers and symbols. For example:

• #Security-I use 85 Weak Passwords
• I go to the Pool when it is 20’F&cloudy

Want to make it easier? Use a password manager.

USU recommends using a password management software to create unbreakable passwords - that you never have to remember!

A password manager is like a digital safe where you can store all of your passwords. It helps you create strong and unique passwords for different websites and apps, and keeps them organized and secure. You only need to remember one "key" (master password) to access all of your passwords, instead of trying to remember different passwords for each account. It's a simple and effective way to keep your online accounts safe and easily accessible.

• USU IT does NOT recommend saving passwords using your web browser!
• Change your USU password at https://myid.usu.edu/

USU IT currently utilizes Bitwarden. Bitwarden has easy-to-use mobile apps and browser extensions. It offers a robust free version with the ability to share passwords securely. See Create Your Bitwarden Account to get started or view our staff-only instructions at Bitwarden: Create a Bitwarden Account

There are numerous password managing software programs available, choose one that fits your needs best.

One last thought...

Keeping secure passwords might sound like a pain, but it's worth it. Think of it like a lock on your car - it's not really convenient to carry keys around everywhere, but it protects something valuable. Your passwords are the keys that protect everything from your identity to your grades to your bank account. Keeping that secure is worth the effort.

For further assistance, please contact the IT Service Desk