Campus
Campus
Password Security

Your password -- a secret word or phrase -- allows you, and only you, to access Hillsdale College computing resources using your username.

Like the key to your home's front door, your password keeps out unwanted intruders. Would you leave your house keys lying around to be picked up by any malicious stranger? And yet electronic passwords are still scribbled on sticky notes on computer screens or stashed under keyboards or in the back of desk drawers. According to some analysts, more than a million passwords have been stolen to date. It is surprisingly easy to guess or steal passwords. Hackers can launch a dictionary attack by comparing your password with every word in a dictionary -- foreign as well as English -- in a matter of minutes. Or they can use "sniffers," programs that read every keystroke sent from a machine, including passwords. You can take measures, however, to reduce the likelihood that such schemes will be successful when it comes to your password. Memorize your password, rather than writing it down; never share your password with anyone; never send your password via email; and don't choose one that is too predictable or easy to guess.

Why is this important?

Someone who guesses or steals a password can access files, emails, funds, and personal information. This allows the hacker to change or destroy files or send malicious emails in someone else's name. Once intruders gain access to a system, they can monitor other machines and systems on the same network and even monitor the remote systems to which the local users connect. For example, an unwanted intruder might, by way of a stolen password, gain access to confidential student or college financial information.

What to include in your password:

  • Choose a password that is easy for you to remember, but difficult to guess.
  • It should contain seven to eight characters.
  • Use punctuation marks or symbols within your password.
  • Do not use a blank space!
  • Always mIx uPpEr- and LoweRcaSe letters.
  • Select a unique password, not one that you are using for some other purpose.

Specifically, if you are or will be using Hillsdale College computers, your password should include:

  • 8 to 22 characters
  • At least one upper-case letter
  • At least one lower-case letter
  • At least one number
  • At least one special character (i.e. #,@,$)

What not to do:

  • Don't write down your password!
  • Don't send your password via email.
  • Don't store your password in a file on your computer.
  • Don't use dictionary or foreign words, names, doubled names or first/last names and initials. Stay away from simple transformations of words (e.g., 7eleven, seven11, etc.) or any alphabet or keyboard sequence (backwards or forwards).
  • Don't even consider short words, single characters, phone numbers, birth dates or numbers substituted for letters (like a zero instead of the letter O).
  • Be wary of programs unnecessarily requiring your password. Once you are logged in to a given computer system, it should not need to know your password again.

And remember to change your password if:

  • You have had the same one for more than six months.
  • You have told it to anyone (even Mom) or have written it down anywhere.
  • You have logged onto a system from another city or campus.
  • You are notified that it does not meet current standards.

Strategies for choosing a good password:

The following are only suggestions for developing a secure password. Please, please do not use these examples! Including them in this document compromises their security.

Lines from a favorite childhood verse.
Example: London Bridge Is Falling Down
Password: LBif% Down

Expressions about a favorite geographical area.
Example: I left my heart in San Francisco
Password: iLmHiS#F
Example: Sunny California
Password: suNIc*al!

Foods liked or disliked as a child.
Example: Fish on Fridays
Password: FoFda!
Example: Chocolate Pudding
Password: cHO%dinG

Try substituting antonyms or synonyms for your chosen words or interweave letters and characters from successive words. Ultimately, any password you choose has to be known to you and you alone and must conform to local procedures for constructing passwords.

What do I do if I forget my password?

Bring a photo ID to Information Technology Services located in the lower floor, Knorr Student Center. A technician will verify your identity and help you create a new password.