How to Choose a Strong Password

From SPARK

Administrators of SPARK don't know your password and have no way of finding it out. If you don't remember it, we would have to reset your password to something you'd then need to change to something else the next time you log in. We are happy to do this when necessary. But resetting your password is not a trivial one-minute fix, so please try to choose a password you can remember, keeping in mind the following ideas (extracted from Wikimedia).

Suggestions to help you choose a good password:

• Longer passwords are better: a minimum of eight alphanumeric characters is usually suggested, with mixed cases in the alphabetic characters.

• Do not use birth dates, family names, phone/social security/passport/id numbers, or any other information tied personally to you or someone you know. Do not make your password the same as your username.

• Do not use words that may appear in any dictionary (i.e., no foreign words either).

• Use nonsensical strings of characters (i.e., not dictionary words) and ideally randomly chosen ones only. Use a mnemonic if necessary; for example, "My First Cousin Al lives in Denver" is an aid to remember "M1CA11inD" (note the use of 1 instead of L). However, this specific character string is not suited as a password -- see below.

• Do not use a password that has been used as an example of a good one (like "M1CA11inD", which appears above).

• Use spaces, punctuation, special characters or symbols, such as =, #, /, or ©. These are permitted in all Wikimedia log-ins.

Our system allows you to use a passphrase rather than just a single word. If your password is long enough you can ignore many of the common tips like avoiding dictionary words. For example "twig let iffy date ron carl" is a password which is very strong even though it contains dictionary words.