An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

News | Oct. 13, 2022

CSAM Week 2: Using strong passwords

By DCMA Information Technology

The Defense Contract Management Agency’s Information Technology Cybersecurity team champions Cybersecurity Awareness Month, or CSAM, to ensure good cyber habits. With the holiday online purchasing season approaching, October is the ideal time for personnel to learn about their cyber presence and the role cybersecurity plays in keeping DCMA, its customers and the warfighter secure.

Week Two focuses on the importance of using strong passwords.

Why do users need strong passwords?

Passwords are a means by which a user proves they are authorized to use a computing device. This authentication process is more important and more difficult in the cyber world. Passwords are the most common means of authentication but only work if they are complex and confidential. Many systems and services have been successfully breached because of non-secure and inadequate passwords. Once a system is compromised, it is open to exploitation by other unwanted sources.

Using strong passwords is an easy way to improve your cyber security posture. Strong passwords must be long and complex. DCMA implements the Department of Defense mandated minimum password length and complexity requirements whenever possible.

Keep in mind there are many threat actors out there that make their living by stealing information. The most successful way they do this is by exploiting weak passwords.

Password Creation Tips

Here are some points to creating and using strong passwords to protect yourself and the agency:

  • Use different passwords for different accounts.
  • Develop mnemonics to help remember complex passwords.
  • Do not use passwords based on personal information or that can be easily accessed or guessed by a quick search on social networking sites.
  • Avoid repetitive or sequential characters.      
  • Consider using the longest password or passphrase permissible.
  • Do not use words that can be found in any dictionary of any language.

There is no guarantee these techniques will prevent an attacker from learning your password, but they will make it more difficult for a threat actor to gain access to your information.

For more information about passwords or other cybersecurity topics, visit the agency’s Cybersecurity Awareness Month 365 page (login required).