C&SS helpdesk
virus assistance
IT overview

helpdesk
virus alerts
site license software
directions / location
contact
staff directory

Password Information

Choosing "Good" Passwords at NCI-Frederick

What is Required by NIH:

• Create a password with at least seven characters.
• Choose a password with a combination of at least three of the following types of characters:
  • Capital Letters
  • Lower-case Letters
  • Numeric Characters
  • Special Characters (!@#$%^&*()_+|~-=\`{}[]:";'<>?,./)
• Change Passwords at least every 180 days to one that is different from previous passwords.
• Change your newly assigned network password the first time you log on.
• Log out of your computer or lock your screen when you leave your desk.
• Ensure that a password-protected screensaver is enabled on your computer and set to activate if the system is idle for 15 minutes or longer.
• If you believe your password may have been compromised, contact the HelpDesk at 301-846-5115 immediately.

Other Hints:

• Use a password that is easy to remember, so you don't have to write it down. An example would be to create a combination of letters that stand for a phrase that enable users to remember passwords easily. Phrases should be:
  • Known only to the you.
  • Long enough to be secure.
  • Hard to guess, even by someone who knows the you well.
  • Easy to remember and easy to type accurately.

What Not to Do:

• Don't use your login name in any form (as-is, reversed, capitalized, doubled, etc.).
• Don't use your first or last name in any form.
  Don't use your spouse's or child's name.
• Don't use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the brand of your automobile, the name of the street you live on, etc.
• Don't use a password of all digits, or all the same letter.
• Don't use a word contained in (English or foreign language) dictionaries, spelling lists, or other lists of words.
• Don't use a password shorter than seven characters.
• Don’t share passwords with other users.
  Don’t reveal your password to anyone, over the phone, e-mail, or in person.
• Authorized users are responsible for the security of their passwords and accounts.
• Don’t write a password down where it could be read.
• Don’t cache (autosave, cookies) your passwords. Make sure you unclick any option to save your password.