Aren’t we innovative and creative people? Building complex accelerators and doing sophisticated physics analysis is not easy and requires a lot of excellent brains. Some items of hardware are pure works of art, worthy of a place in an art museum. Some software takes advantage of all the finesse of computer science to optimize every last bit of computing power. So, yes. We are. Innovation and creativity are our middle names.


But I wonder why these splendid characteristics are lost when dealing with passwords? Recent computer security scans have found a series of unprotected passwords and, I hope you agree, “Operator1”, “SamFox” or “Admin123” do not reflect our innovative nature (and might even be taken as an insult). I believe we can do much better than that and encourage you to be Creative@CERN!

So take up this small challenge. I am sure you can do better than your colleagues! Your good password, however, must be: private (used and known by only one person); secret (it must not appear in clear text in any file or program, or on a piece of paper pinned to the monitor); easily remembered (so there is no need to write it down); at least 8 characters long, with a mixture of at least three of the following: upper-case letters, lower-case letters, digits and symbols; not listed in a dictionary of any major language; and not guessable by any program in a reasonable time, for instance less than one week.

A good password is a work of art. Here are some hints to help you choose good passwords:

  • Choose a line or two from a song or poem, and use the first letter of each word. For example, "In Xanadu did Kubla Khan a stately pleasure dome decree!" becomes "IXdKKaspdd!".
  • Use a long passphrase like the sentence "InXanaduDidKublaKhanAStatelyPleasureDomeDecree!" itself.
  • Alternate between one consonant and one or two vowels with mixed upper/lower case. This provides nonsense words that are usually pronounceable, and thus easily remembered. For example: "Weze-Xupe" or "DediNida3".
  • Choose two short words (or a big one that you split) and join them together with one or more punctuation marks. For example: "dogs+F18" or "comP!!UTer".
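
The length, character-class and dictionary criteria listed earlier can be checked mechanically. The following is an added example, not code from the Computer Security Team; the function names are assumptions and the word list is a tiny constructed stand-in for a real dictionary.

```python
import string

# Constructed stand-in for a real dictionary or leaked-password list (assumption).
WORDLIST = {"operator", "admin", "password", "welcome"}

MIN_LENGTH = 8    # "at least 8 characters long"
MIN_CLASSES = 3   # at least three of: upper case, lower case, digits, symbols


def character_classes(password):
    """Return the set of character classes present in the password."""
    classes = set()
    for ch in password:
        if ch.isupper():
            classes.add("upper")
        elif ch.islower():
            classes.add("lower")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


def dictionary_root(password):
    """Undo the most common disguise: a word with digits or symbols at either end."""
    return password.strip(string.digits + string.punctuation).lower()


def check_password(password, wordlist=WORDLIST):
    """Return the list of criteria the password fails (empty list means it passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("too short")
    if len(character_classes(password)) < MIN_CLASSES:
        failures.append("fewer than three character classes")
    if dictionary_root(password) in wordlist:
        failures.append("dictionary word")
    return failures


if __name__ == "__main__":
    # Passwords quoted in this article.
    for candidate in ["Operator1", "SamFox", "Admin123", "IXdKKaspdd!", "dogs+F18"]:
        print(candidate, check_password(candidate) or "ok")
```

"Operator1" and "Admin123" satisfy the length and character-class rules and are caught only by the dictionary check, which is why the criteria include both.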

Finally, remember that your “password is your toothbrush”: you do not share it, and you change it regularly. Neither your colleagues, your supervisor, the ServiceDesk nor the Computer Security Team has any valid reason to ask for it. They should not and never will. The same goes for external companies: UBS, PayPal, Amazon, Facebook, Google will never ask you for your password! Your password is yours and only yours.

by Computer Security Team