Don't use your login name in any form (as-is, reversed, capitalized, doubled, etc.).
	Don't use your first or last name in any form.
	Don't use use your spouse's or child's name.
	Don't use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
	Don't use a password of all digits, or all the same letter. This significantly decreases the search time for a cracker.
	Don't use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
	Don't use a password shorter than six characters.

 

	Do use a password with mixed-case alphabetic characters.
	Do use a password with nonalphabetic characters, e.g., digits or punctuation.
	Do use a password that is easy to remember, so you don't have to write it down.
	Do use a password that you can type quickly, without having to look at the keyboard. This makes it harder for someone to steal your password by watching over your shoulder.

Method to Choose Secure and Easy to
Remember Passwords

 

	Choose a line or two from a song or poem, and use the first letter of each word. For example, ``In Xanadu did Kubla Kahn a stately pleasure dome decree'' becomes ``IXdKKaspdd.''
	Alternate between one consonant and one or two vowels, up to eight characters. This provides nonsense words that are usually pronounceable, and thus easily remembered. Examples include ``routboo,'' ``quadpop,'' and so on.
	Choose two short words and concatenate them together with a punctuation character between them. For example: ``dog;rain,'' ``book+mug,'' ``kid?goat.''

 

Excerpts from

IMPROVING THE SECURITY OF YOUR UNIX SYSTEM
David A. Curry, Systems Programmer
Information and Telecommunications Sciences and
Technology Division
ITSTD-721-FR-90-21