As a Chief Information Security Officer (CISO), my primary goal is safeguarding Chapman University’s digital assets. One of the simplest yet most effective ways to enhance security is by focusing on password strength, and a key component of that strength is password length.

Why Longer Passwords?

The math behind password security is straightforward: longer passwords are exponentially harder to crack. Each additional character in a password increases the possible combinations, making brute-force attacks—a method where attackers try every possible password combination—less likely to succeed.

The Power of Exponential Growth

The concept of exponential growth is crucial here. With each additional character, the difficulty of cracking a password doesn’t just increase; it multiplies. This is why we often recommend passwords at least 12-14 characters long. It’s not just about having a few extra letters or numbers; it’s about creating a barrier that is more challenging to overcome.

Balancing Security and Memorability

Of course, there’s a balance to be struck. Passwords need to be not only strong but also memorable. That’s where passphrases come in. A passphrase is a sequence of words or other text longer than a traditional password and easier to remember. For instance, “BlueSky@Sunrise2024!” is far more secure than “Sun2024” and likely easier to remember.

Implementing Best Practices

As a CISO, I advocate for policies that require longer passwords. Educating students, faculty, and staff about the importance of password length and complexity is also a part of our ongoing security training.

In conclusion, the length of your password can significantly impact your security posture. By choosing longer passwords and employing passphrases, you can protect your personal and organizational data from the most common cyber threats. Please visit our Password Management information page to learn more.


Stay safe, stay vigilant!

Keith Barros

Chief Information Security Officer (CISO)