A Great Password Policy

by Kristin Briney Posted on 2014-05-29

In response to my previous blog post on strong passwords, a friend pointed out Stanford’s new password policy, which I quite like and thought worth sharing. This policy plays off probabilities, meaning that if you decrease the number of total characters in your password (decreasing the total permutations), you must use more character types instead (increasing the total permutations).

The policy breaks requirements into 4 tiers by password length:

  • “8-11: requires mixed case letters, numbers, and symbols
  • 12-15: requires mixed case letters and numbers
  • 16-19: requires mixed case letters
  • 20+: any characters you like!”

This policy is also mobile friendly, as it’s much easier to type a bunch of letters on a phone than a few random symbols.

I find the policy flexible and accessible and I hope it helps improve your understanding of how to make a strong password.

Stanford IT Services. http://itservices.stanford.edu/service/accounts/passwords/quickguide
Stanford IT Services. http://itservices.stanford.edu/service/accounts/passwords/quickguide
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International
This entry was posted in security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *