Passwords are the first line of defense for the protection of AU information system resources. Using good passwords will help reduce the possibility of unauthorized access and abuse of information.
Below are some simple suggestions to assist with proper password management:
- Immediately change your password if it has been disclosed
- Protect all software and files containing formulas and algorithms used for the generation of passwords
- Never use your login name in any form as a password – either as – is, reversed, capitalized, doubled, etc.
- Avoid personal names as passwords – yours, your spouse, children, etc.
- Avoid using personal information as passwords that could readily be obtained or guessed – this could include license plate numbers, pet names, telephone numbers, social security numbers, the brand of your automobile, zip code, the name of the street you live on, etc.
- Avoid a password using several repeating digits or letters
- Avoid using words unless combined with numbers or punctuation marks
- Configure devices with separate accounts for privileged and unprivileged access, where possible, then, authenticate with an unprivileged account rather than a privileged account, switching to the privileged account only when and or as long as necessary while logging all activity. Note that password changes on all centrally – managed systems are synchronized so that one change updates all systems with the same password.