The strength of a system or application is directly dependent on the strength of the passwords the users employ to log onto the system or application. The stronger the passwords, the more secure the information the system or application contains.
STRONG PASSWORDS
A 'strong' password is one that can resist multiple random trials to gain access to a network or application. It is the responsibility of each person who accesses the Digital Data Submission system to ensure his or her password is less prone to cracking or guessing, in other words, a strong password. The following are some guidelines to creating a strong password. Note that these are not the AER's password policies. Please find AER's password requirements after the recommendations below.
A strong password should:
be at LEAST eight characters long;
contain a mixture of upper and lower case characters with at least one uppercase and one lowercase character;
contain at least one number;
contain at least one non-alphanumeric character. (punctuation and special characters such as the tilde (~) are considered non-alphanumeric characters).
WEAK PASSWORDS
A 'weak' password is one that is easy to guess if a few key facts, such as spouse's name, are known about the user. A weak password is also one that appears in any dictionary in any language.
PASSWORDS AND THE DIGITAL DATA SUBMISSION (DDS) SYSTEM
Because of the sensitive nature of the information collected by some of the applications within DDS, password security and strength are of utmost importance. Therefore, all passwords used to access the DDS system must follow these rules:
PASSWORDS ARE CASE-SENSITIVE
Each password must:
be at least 6 characters in length;
contain at least two non-alpha characters
The following is a list of alpha and non-alpha characters that may be used as part of a password:
Alpha Characters
All uppercase letters (A-Z inclusive)
All lowercase letters (a-z inclusive)
Non-Alpha Characters
All numbers (0-9 inclusive)
~ ! @ # $ % ^ * ( ) _ - + = \ } ] { [ " ' : ; , . ? /