Password best practices for users

A few steps can help you create strong passwords that protect you and your system. Keep the following best practices in mind when creating a new password in Splunk Enterprise.

Tips for creating strong passwords

• Create unique passwords with a combination of words, numbers, symbols, and both lowercase and capitalized letters.
• Consider groups of words that form a phrase or sentence, such as the opening sentence of your favorite novel or the opening line to a good joke. The ideal password could be an obscure, random phrase that is easy for you to remember, but impossible for an automated system to understand.
• Make your password as long as your system allows. It is increasingly easy to build password-cracking tools that can try hundreds of billions of possible password combinations per second. Each character you add to a password or passphrase increases immunity to brute-force methods.

Avoid the following insecure practices

• Do not choose passwords based on personal information, such as your birth date, your Social Security or phone number, or names of family members.
• Do not use a word from the dictionary. Password-cracking tools are freely available online often come with dictionary lists that will try thousands of common names and passwords. Try using multiple words, adding a numeral to the words, and adding well as punctuation at the beginning or end of the word (or both).
• Never use the same password for different sites.
• Never use the password you've picked for your email account at any online site.
• Do not store your list of passwords on your computer in plain text.