Question
What are the requirements for a GRCC passphrase?
Why is GRCC switching from passwords to passphrases?
Information
Passphrase requirements are designed to enhance the security of our accounts and protect sensitive information. Key reasons for this policy include:
- Length: A longer passphrase increases complexity and resistance to brute-force attacks. A 14-character passphrase provides a balance between usability and security.
- Character Type: Including both uppercase and lowercase letters increases possible combinations and allows users to create more memorable passphrases.
- Change Frequency: Changing the passphrase annually limits the window of vulnerability if an account is compromised. Multi-factor authentication (MFA) provides an additional layer of security.
By combining these elements, we create a resilient passphrase less susceptible to common attacks. Annual changes reduce risk without imposing a burdensome memory requirement.
Answer
GRCC passphrase requirements are as follows:
- Passphrase Length: A minimum of 14 characters.
- Character Types: Must include uppercase letters, lowercase letters, and numbers.
- Passphrase Change Frequency: Once a year and whenever potentially compromised.
Passphrase best practices
Best practices for creating strong passphrases include:
- Use an easy to remember but uncommon group of four to eight words.
- Add spaces within and between words.
- Use capital letters or capitalize certain words.
- Add punctuation and special characters.
- Use unusual or abbreviated spellings of words.
- Replace some letters with numbers.
Example: P!nk Dinner Dre$$ D@te