NCJ Number
121486
Journal
Security Management Volume: 33 Issue: 9 Dated: (September 1989) Pages: 206-208
Date Published
1989
Length
3 pages
Annotation
Data security requires that users create memorable passwords without using set patterns of words.
Abstract
People are apt to choose passwords that relate directly to themselves or to their lifestyles. A potential abuser of the system, however, can easily narrow down password options by asking users questions about their families, pets, and leisure pursuit and interests. Married women tend to use their husband's name as a password, usually followed in preference by children's names or pets' names. Married men usually use their children's names first, then their pets' names, and then their wives' names. Users should avoid such predictable patterns and not use names of friends, relatives, or people in the news or favorite performers. Do not repeat the same letters in a word, even if the password is a real word, do not make passwords less than seven characters long, or write them down or give them to anyone. Finally, do not use a set pattern of rotating passwords. The latter pertains to the practice of changing passwords periodically, typically every 30 days. Such a change loses its meaning if passwords are predictably rotated.