Password Wisdom - hackers have shown remarkable ability to crack passwords, in a wide variety of ways, and then depend on human nature (ie, our tendency to reuse passwords) to crack into other systems, such as work systems, bank accounts, etc.

Rules of Thumb:

1. Do NOT user your uNID or your Huntsman / U of U email address as an account name on external or personal system  eg, your bank account, Facebook, DropBox, G-Mail, Yahoo, Skydrive, etc.  We realize you may need to use your @hci.utah.edu or @hsc.utah.edu email address as an account name for some collaborations or in commonly used research sites, external clinical systems, etc.

2. Use different passwords for work systems and personal accounts.  The longer and more complex the password, the tougher it is to crack.  

3. Best Advice - use long & different passwords for every internet site you have an account with.

Setting Password Hints: A really good idea on remembering passwords is to use some kind of familiar story or theme to remember your various password types.   

For example, for social media systems you might use a family vacation phrase, like DisneyCryingKids, which has 3 elements, three different words, making it tougher for hackers to crack.  So, for your Facebook account you could use “DisneyCryingKidsRain”, and for Linked In you could use “DisneyCryingKidsBlue”, etc.  

For bank accounts or online brokerage accounts, you could use another theme, maybe a goal, eg, GetN3wC@r, with GetN3wC@rBlue for one bank that has a blue logo, GetN3wC@rRed for your bank that has a red logo, or whatever.

Here is more information on creating long, easy to remember passwords
 
Whatever you do, don’t use passwords like “abc123”, or “shadow”, and please - oh please, oh please - don’t use the password “password”.  The hackers have caught onto human nature and they have a long list of commonly used passwords and those typically get cracked first.
 

Protecting Data  

Keep Work Data on Work Systems - the risks of getting data pilfered by bad guys is increasing daily.  Don't risk having patient data, important research data or Huntsman proprietary data stolen by putting it on personal systems.  Whenever possible, remote to Huntsman or U of U systems that are secured to perform work.  If you need help getting connected to HCI/HCH from the outside, please ask for assistance.