<link type="guide" xref="user-accounts#passwords"/>
<desc>Use longer, more complicated passphrases.</desc>
<revision pkgversion="3.0" version="0.1" date="2010-12-29" status="candidate"/>
<name>GNOME Documentation Project</name>
<include href="legal.xml" xmlns="http://www.w3.org/2001/XInclude"/>
<title>Choose a secure passphrase</title>
Make your passphrases easy enough for you to remember, but very difficult for others (including computer programs) to guess.
<p>Choosing a good password or passphrase will help to keep your computer safe. If your passphrase is easy to guess, someone may figure it out and gain access to your personal information.</p>
<p>People could even use computers to systematically try to guess your password, so even one that would be difficult for a human to guess might be extremely easy for a computer program to crack. Here are some tips for choosing a good passphrase:</p>
<p>Use a mixture of upper-case and lower-case letters, numbers, symbols and spaces in the passphrase. This makes it more difficult to guess; there are more symbols to choose from, so more possible passphrases that someone would have to check when trying to guess yours.</p>
A good method for choosing a passphrase is to take the first letter of each word in a phrase that you can remember. The phrase could be the name of a movie, a book, a song or an album. For example, "Flatland: A Romance of Many Dimensions" would become F:ARoMD or faromd or f: aromd.
<p>Make your passphrase as long as possible. The more characters it contains, the longer it should take for a person or computer to guess it.</p>
<p>Do not use any words that appear in a standard dictionary in any language. Password crackers will try these first. The most common password is "password" - people can guess passwords like this very quickly!</p>
<p>Do not use any personal information such as a date, license plate number, or any family member's name.</p>
<p>Do not use any nouns. </p>
Choose a passphrase that can be typed quickly, to decrease the chances of someone being able to make out what you have typed if they happen to be watching you.
Never write your passphrases down anywhere. They can be easily found!
<p>Use different passphrases for different things.</p>
<p>Use different passphrases for different accounts.</p>
<p>If you use the same passphrase for all of your accounts, anyone who guesses it will be able to access all of your accounts immediately.</p>
<p>It can be difficult to remember lots of passphrases, however. Though not as secure as using a different passphrases for everything, it may be easier to use the same one for things that don't matter (like websites), and different ones for important things (like your online banking account and your email).</p>
Change your passphrases regularly.
<cite date="2010-10-31" href="mailto:email@example.com">GNOME Documentation Project</cite>
<p>Tips on what makes a secure password.</p>