How to Choose a Good Password

How to Choose a Good Password

(And Why You Should)


Contents


Do not use:

There are programs (and they are easy to write) which will crack passwords that are based on the above.


Do:


Never!

Finally, NEVER write your password down anywhere, nor share your password with anyone, including your best friend, your academic advisor, or an on-line consultant!


``Why go through all the trouble?''

Passwords are the primary defense and front-line security for your personal data. If someone obtains your password, then they have complete access to your account and all its data, and to all the privileges and abilities you have. If you give your password to anyone, you are giving them significant power while keeping all the responsibility for their wielding it. There are always better and safer ways of doing anything legitimate than giving away your password.

The Athena Rules of Use clearly state: Do not let anyone know your password(s).

Giving someone else your password -- including trusted friends, or even IS/Athena staff members -- is like giving them a signed blank check, or your charge card. You should never do this, even to ``lend'' your account to them temporarily. This is especially important now that you can view certain private information online (e.g., academic records through the Student Information Services program).

Your Athena username identifies you to the Athena user community -- anyone who has your Athena password can use your account and whatever they may do that affects the system will be traced back to your username; if your username is used in an abusive manner, you can be held responsible.

Furthermore, there is never any reason to tell anyone your password: every MIT student and faculty member who wants an account of their own can have one; and if your goal is permitting other users to read or write some of your files, there are always ways of doing this without giving away your password. (For example, see the document Managing Your Athena Account.)


``What if I forget my password?''

Don't worry. Just go over to Athena User Accounts (Front Desk, Bldg N42, 211 Massachusetts Avenue) with your picture MIT ID, and they will gladly change it for you.


Copyright 1999 MIT Student Information Processing Board. Last update 11 August 1999 by Richard J. Barbalace.