Data Protection – Choosing a strong password

Home KB Home Staff Students & Parents Data Protection – Choosing a strong password

Passwords protect both your personal data and the schools networks and services. Please take the time to choose a strong, memorable password or passphrase, whilst considering the guidance below:

Strong passwords

Recommended techniques for inventing a strong password you can actually remember include:

  • a mix of upper and lower case letters (not just on first or last character)
  • a pair of unrelated words with punctuation inserted
  • a full sentence which is nonsense (e.g. horsesupermansea)
  • the first letter of each word in a phrase or song title, with mixed case and punctuation/numbers
  • alternating one consonant and one or two vowels, to create a nonsense word which you can pronounce, and perhaps including this nonsense word in a longer phrase.

Weak passwords

The following types of password should be avoided:

  • null (blank) passwords
  • fewer than 8 characters
  • simple sequences such as qwerty, letmein, welcome, hello, password, the name of your department or the school
  • long passwords which are obvious sentences or well-known quotations
  • anything you would find in a dictionary (in any language or jargon), or any dictionary word slightly modified (e.g. by adding a number to the end, or changing l to 1) any name (including that of a partner, parent, child, pet, literary character, famous person or place)
  • any variation (e.g. backwards, or followed or preceded by a digit) of your own name, your username on any other system, your birthday, car registration number or any other personal information
  • any small variation on your existing password
  • your password on another system

Keeping your password safe

  • Never leave a handwritten copy lying about
  • Be aware of who might be watching you when entering your password
  • Never give your password to other people, however trustworthy you believe them to be (this includes your friends and family)
  • Passwords should be changed at regular intervals
  • Different passwords should be used for different computer systems, so that if your password is cracked the damage may be limited. i.e. use a different password for SIMS and your network ID