Information submitted through the support site is private but is not hosted within your secure CDD Vault. Please do not include sensitive intellectual property in your support requests.

Password Security Guidelines

Each user is responsible for helping keep their account secure. CDD strongly recommends that you:
  • choose strong passwords
  • do not reuse passwords used for other web sites
  • use a password manager to make both of the above points easy
  • do not share your passwords with others.

CDD Vault will now use the Zxcvbn password algorithm when users set their passwords. This algorithm analyzes a proposed password and gives it a rating based on how hard it is for hacking software to guess. CDD Vault will require a zxcvbn score of 4 (out of 5).

 

zxcvbn is an algorithm that will provide a measure of the strength of a password. It uses pattern matching but also estimates whether (and/or how long) a system could crack your password.

 

In its analyses, zxcvbn uses a repository of thousands of common passwords, names, and surnames as well as other common patterns like dates, repeating text, sequences (xyz), keyboard patterns (qwerty), and l33t speak (predictably replacing c3rt@in letters with certain $ymb0ls).

Using all of this, zxcvbn is able to determine the strength of a password based on how unpredictable it is.

 

When creating a new password, users might try to:

  • create a password that's at least 10 characters in length
  • use a combination of characters
  • be unpredictable with your use of capital letters, symbols and numbers, word choices and sentence strings

The suggestions above, however, are not 100% hard-and-fast rules. You might also check your intended password using the Password Strength Checker  - your intended password must report a "Strength score" of 4 or 5.