Keep it (really) simple
This tip was submitted to the searchSecurity Tip Exchange by user David Heydecker. Let other users know how useful it is by rating the tip below.
The simplest rules are the best. Make sure that your users know NEVER to write down a password, but to choose an easily remembered one, substituting numbers for equivalent letters, for example (such as the number three for the letter e). Discourage real words and suggest acronyms, such as mMbab1 (make MY bonus a big one). My favorite example of why passwords should never be written down: A company found that a cleaner spent his evening surfing questionable sites -- facilitated by users' passwords written on yellow stickies "hidden" in the top left hand drawer of their desks.
This was first published in July 2001
Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.