For more information on choosing strong passwords, visit BU's IS&T page.

General Guidelines:

So, how do you create a "strong" password that is easy to remember? While this may seem tough, a few simple tips make it easy.

  • Use passphrases: The most important factor in password strength is length. Passphrases are strings of words, like a favorite song lyric or quote. These can be both long and easy to remember! Aim to create a passphrase that is 16 characters or more, as required by the BU password policy. Use a mix of letters and numbers, upper and lowercase letters, and special characters when creating your unique passphrase.
  • Use unique passwords or passphrases: You should have a unique password for each of your accounts. This way, if one of your accounts is compromised, your other accounts remain secure.
  • Use a password manager: Use a password manager to help create and manage strong, unique passphrases for all your accounts! Some top products are: 1Password, Apple's iCloud Keychain, KeePass, and LastPass (alphabetical order).
  • Visit the Terrier Cybersecurity Checkup: Our online app allows you to view how old your password is (BU passwords expire every five years), view the devices associated with your Duo account, and view a list of breaches associated with your BU email address. This is a powerful tool for gaining insight into your BU password: https://cybercheckup.bu.edu/.

Choose

Here are three simple ways to construct a secure, easy to remember passphrase:

1. Create a passphrase by taking a short phrase and:

  • Change the capitalization of some of the letters
  • Replace some of the letters with numerical and symbolic substitutions ($ for S, 8 for B)
  • Misspell or abbreviate some words (E.g., the phrase “Dunkin' Donuts is great for summer” becomes “Dunkisgr84$umm3R”.)

2. Choose several shorter words and add some numbers in the center, then change the capitalization and substitute symbols for letters. (E.g., the phrase “books 930 Pleasant” becomes “b00K$930PL3^S^n+”.)

3. Choose a memorable quote or phrase and use only the first letter from each word. Vary the capitalization. Also include numbers and symbols, either as substitutions for letters or as a replacement for a full word. (E.g., Albert Einstein's quote “Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.” becomes “2TrI:tU&h$;&Ins@tU”.)

Don't choose

  • Passwords of fewer than sixteen characters.
  • Words or phrases that do not mix upper and lower case, or do not mix letters and numbers, or do not mix letters and punctuation.
  • Your name in any form -- first, middle, last, maiden, spelled backwards, nickname or initials.
  • Any ID number or login name in any form, even spelled backwards.
  • Any all-numeral passwords, e.g., your license-plate number or social-security number.
  • Your phone or office number, address, birthday, or anniversary.
  • Any single common name, name of a close relative, friend, or pet.
  • A single English or foreign word; however, two or more English or foreign words may be used to create a passphrase.
  • A single word either preceded or followed by a digit, a punctuation mark, up arrow, or space.
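
The mechanically checkable items in the "Don't choose" list above, written out as an added example (this is not BU's own code or its actual password validator). The function name, the `personal` parameter and the constructed sample strings in the comments are assumptions made for illustration.

```python
import re

MIN_LENGTH = 16  # the page rejects passwords of fewer than sixteen characters


def check_passphrase(candidate, personal=()):
    """Return the list of "Don't choose" rules that candidate breaks.

    personal: hypothetical list of the user's own strings (names, login,
    ID numbers, phone, dates), compared forwards and spelled backwards.
    """
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 16 characters")
    if candidate.isdigit():
        problems.append("all numerals")
    has_lower = any(c.islower() for c in candidate)
    has_upper = any(c.isupper() for c in candidate)
    has_alpha = any(c.isalpha() for c in candidate)
    has_digit = any(c.isdigit() for c in candidate)
    has_punct = any(not c.isalnum() and not c.isspace() for c in candidate)
    if not (has_lower and has_upper):
        problems.append("does not mix upper and lower case")
    if not (has_alpha and has_digit):
        problems.append("does not mix letters and numbers")
    if not (has_alpha and has_punct):
        problems.append("does not mix letters and punctuation")
    # A single word, optionally preceded or followed by one digit,
    # punctuation mark or space (constructed samples: "Terrier1", "!password").
    if re.fullmatch(r"[\W\d_]?[A-Za-z]+[\W\d_]?", candidate):
        problems.append("single word with at most one added character")
    # Personal details in any form: case-insensitive, forwards and backwards.
    lowered = candidate.lower()
    for item in personal:
        item = item.lower()
        if len(item) >= 3 and (item in lowered or item[::-1] in lowered):
            problems.append("contains personal detail: " + item)
    return problems
```

An empty list means none of these rules were broken; it does not check uniqueness across accounts or whether the passphrase appears in a breach list.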


Passwords are our first and best line of defense against unauthorized access to our online information. If your BU password is hacked, a bad actor could gain access to BU services that are not yet protected by multifactor authentication. The longer your password, the more secure it is; use a passphrase when creating a strong and unique BU password!