How to Create a Secure Passphrase

Soon, the University will require a minimum of 14 characters for Net ID and AD accounts. Please don’t panic and don’t think that it’s impossible to remember. 14+ character passphrases can be easier to remember and easier to type. Instead of using a single long word, or hard-to-remember gibberish such as “TDpZE8yqS7pS0&”, you can use more words with sentence structure such as capitals and punctuation. Choose 3-4 random words, a short phrase, or even a song lyric.


“Gouda is my favorite cheese!”

“It’s pronounced Frankensteen!”

“Have fun storming the castle!”

“On a train bound for nowhere.”

“There can be only 1!”


Think again as a passphrase instead of a password.





How to Keep Your Passwords Safe

  • Use a password management tool. The University provides LastPass Personal Premium to all members of the UR community at no cost. This tool uses strong encryption to ensure the only way to access your password is by creating and using one strong “master” password to protect the credentials of all your other accounts. Get LastPass now.
  • Do not use the same password for everything. For instance, please do not use the same password for an unofficial, casual, or uncritical service (e.g., online games) as you use it for more critical services (e.g., online banking). Use a different password from your University passwords for non-University services to prevent outsiders from gaining access to University systems.
  • Never write your password down.
  • Never share your password with others.
  • Log out whenever you access your accounts, especially when using public-access computers. This will ensure that the next user does not have access to your accounts.
  • Change your password regularly. Unlike keys or an ATM card, your password does not have to be physically taken to be copied, and it’s unlikely you’ll know when your password has been stolen.
  • Ensure that any website that requires your password is protected by Secure Sockets Layer (SSL). These sites encrypt data to transmit private information like credit card numbers securely. Ensure the web address begins with “HTTPS:” or look for a lock icon in the browser’s address bar. 


If you’ve made it this far, enjoy an internet-famous comic strip from XKCD.

Credit to XKCD