Password Safety

Password safety is crucial when it comes to protecting your data and personal information. Creating unique passwords is good for security, but can keeping track of your passwords particularly difficult.

Do any of the following apply to you?

Your passwords include dictionary words such as "password" or "secret", or sequential numbers like "123"
You use the same password for multiple accounts
Your passwords are written down on a post-it note stuck to your monitor or desk

There are a number of ways to have your computer remember your passwords, but many are not secure! Below are some guidelines for creating and managing your passwords and passphrases.

Creating Passwords and Passphrases

Length and Complexity
We recommend that passwords (and passphrases) be a minimum of 14 characters in length, and not be a single dictionary word. Passphrases are a series of words that are easier to remember. The longer the password/phrase, the more secure it will be and the harder to crack. Never use your name, the name of a loved one/pet, address, place employed, or significant dates in your password. Consider the information someone could easily find out about you on the internet based on social media and other sites; do not include this in your password. The more characters you use, the better. Some �ʺ�Ƶ�� systems will necessarily have differing requirements - including lower & uppercase letters, numbers, and/or special characters. Never share your password with anybody, regardless or role or relationship.

Set Unique Passwords to Every Account
Avoid the temptation to reuse passwords. Should a password be compromised on one system, you would instantly be vulnerable on every system where that password is in use. Strive to create a different password for each account you use--computer login, email, network services, financial institutions, etc.

In cases where you need a password that is both secure and memorable, let your password manager build a passphrase out of random words. For example, a randomly generated password such as is both secure and memorable. (Do not use "correct-horse-battery-staple" as your actual password, as this particular example is widespread across the Internet.)

If your password does not meet our outlined requirements, or it has been compromised, please (and notify cybersecurity@reed.edu immediately in the event of a compromise).

Enable MFA
Enable Multi-Factor Authentication on your accounts. This adds an additional layer of security beyond a username and password. It typically involves an extra verification step such as a code sent to your email, a text message to your phone, or an app on your mobile device where you confirm you're trying to sign in. At �ʺ�Ƶ��, we use Duo to further protect our accounts and prevent compromise.

Password Management Programs

A password management program should offer powerful encryption, as well as convenience of use. Most programs can help you generate strong, separate passwords for each service you need to log into, as well as a browser extension for web accounts. There are a number of different password management programs out there; one that we recommend that is cross-platform is Bitwarden.

Web Browsers and Passwords

Most web browsers offer to save your passwords for you as you type them... some do so securely, others may not. Generally, we recommend disabling this feature in your web browsers, and using a separate password manager instead. A separate password manager will have extensions available for modern web browsers, allowing for easy and secure filling of credentials into the browser of your choice.

Additional Resources

To reset your �ʺ�Ƶ�� ("Kerberos") password:
Learn more about Password Standards at �ʺ�Ƶ��