Password Security

Keep It Secure, Keep It Safe, Keep It Private

Sharing your username and password may seem harmless, but it can open up confidential data and provide opportunities for abuse. It only takes one person to cause considerable trouble using another's password.

Many people have a fairly casual attitude toward password privacy and security: Passwords are sometimes printed and posted openly, and occasionally people will even share their password with others to enable them to perform some task. Do not share your passwords with anyone, including administrative assistants or secretaries. This is not okay.

Important Reasons to Always Keep your Hampshire Password Private

  • Hampshire accounts give access to multiple places. Sharing a password to let a person do one thing opens up access to a lot of other activities. For example, giving out your email password also gives access to everything on TheHub, Moodle, the Intranet, and possibly file servers; this compromises personal financial information as well as Hampshire confidential information.
  • Some security flaws rely on having access to an account on a machine. For example, someone logging in to an email server with a regular user account could then launch an attack to attempt to get administrative (super user) privileges. Giving out a password for a machine a user doesn't normally have access to increases the chances that the machine can be broken into.
  • People are protected by not having access to systems they shouldn't. If the system is compromised, they will not be considered a suspect.

You are responsible for the security of your account and the confidentiality of your password

  • Do not use the same password for Hampshire College accounts as for other non-Hampshire College accounts, such as personal ISP account, benefits, banking, and other accounts.
  • When IT works on your computer, please arrange to be available to type in your password as needed. If that is not possible, change your password immediately before and after the work is done.
  • You are required to change your Hampshire password when it becomes a year old at password.hampshire.edu
  • Always use caution when presented with something asking for your username and password. It may be phishing designed to obtain your password or other personal information.

How do I pick a good password?

Good passwords contain Bad passwords contain
  • At least 9 characters.
  • A mix of letters, numbers, and these symbols: ~!%^)+]>}`$*
  • Something hard to guess, but easy to remember.
  • Predictable patterns or significant repeating of the same character
  • Any personal information (name, birth date, children/pet's names, SSN, etc)
  • A password you use for other systems

How can I create a memorable password?

Think of a phrase you can easily memorize. For example:

I have three furry white kitties and one puppy dog!

Keep the first letter of each word and insert numbers where appropriate. For example:

Ih3fwka1pd!

Use a well-rated password manager.

Whether you're reusing passwords (a definite security risk) or trying to keep track of a multitude of passwords (a definite sanity risk), a password manager is a great help. For additional information on password managers, see our Tech Tip of the Week: Using a Password Manager

Examples of bad passwords

These are examples of commonly used passwords. Don't use passwords like these:

Number patterns

  • 111111
  • 121212
  • 123123
  • 123456
  • 654321

Sequences based on keyboard layout

  • 1qaz2wsx
  • qwerty
  • qwertyuiop
  • zaq1zaq1
  • azerty

Words and phrases inspired by the login context

  • access
  • admin
  • iloveyou
  • letmein
  • login
  • master
  • passw0rd
  • photoshop
  • trustno1

Names, interests, and aspirations

  • ashley
  • baseball
  • dragon
  • hottie
  • jesus
  • mustang
  • princess
  • starwars
  • superman

Remember: Keep It Private, Keep It Safe, Keep It Secure

Stay In Touch With Information Technology Staff

413.559.5418 FAX: 413.559.5419