“Treat a password like a toothbrush. Don’t let anybody use it; get a new one every six months”
“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months” is a saying that has been printed on many images. The saying has been attributed to American astronomer, author and teacher Clifford Stoll, who said it many times.
“Passwords — ‘Use them like a toothbrush. Change them often and don’t share them with friends.’—Clifford Stoll” was printed in the Proceedings of the Unix Security II Workshop, August 27-28, 1990, Portland, Oregon (1990). “Treat your computer password like your toothbrush—change it often and don’t share it” was printed in Computerworld on October 7, 1991. “‘Treat your password like your toothbrush. Don’t let anybody else use it—and get a new one every six months.’ Cliff Stoll” was posted on the newsgroup alt.fan.warlord on March 12, 1993.
Wikipedia: Clifford Stoll
Clifford Paul “Cliff” Stoll (born June 4, 1950) is an American astronomer, author and teacher. He is best known for his investigation in 1986, while working as a systems administrator at the Lawrence Berkeley National Laboratory, that led to the capture of hacker Markus Hess, and for Stoll’s subsequent book The Cuckoo’s Egg, in which he details the investigation.
Google Books
Proceedings of the Unix Security II Workshop, August 27-28, 1990, Portland, Oregon
By USENIX Association
Berkeley, CA: USENIX Association
1990
Pg. 170:
Passwords — “Use them like a toothbrush. Change them often and don’t share them with friends.’’—Clifford Stoll
Google Books
The Little System 7 Book
By Kay Yarborough Nelson
Berkeley, CA: Peachpit Press
1991
Pg. 123:
Password Hints Somebody once said (I think it was Cliff Stoll, the fellow who wrote The Cuckoo ‘s Egg: Tracking a Spy through the Maze of Computer Espionage) that you should treat your password like your toothbrush: use it frequently and change it often.
7 October 1991, Computerworld (Framingham, MA), “Password: User Awareness” by Michael Alexander, pg. 89:
Even though employees were greeted by two knights in shining armor as they arrived for work at Met Life’s New York headquarters on the morning of Sept. 27, it was business as usual at the life insurance company.
The knights handed out toothbrushes, affixed with the message: “Treat your computer password like your toothbrush—change it often and don’t share it.”
(...)
Employees also received computer security reference cards intended to be placed alongside their PCs and antiviral software. The company’s officers received copies of The Cuckoo’s Egg by Clifford Stoll, a speaker in an earlier computer security awareness seminar.
8 October 1992, Vancouver (BC) Sun, “Hacker’s tracker on trail for year” by David Smith, pg. E4, col. 6:
Speaking by telephone from Berkeley where he works in astronomy, Stoll said the Hannover hackers entered the system by guessing at the scientists’ passwords - the secret character string needed to sign on to a computer system.
The scientists, not thinking of security, used first and last names as passwords.
Which prompts Stoll to offer this simple advice: “Don’t share your password. Treat passwords like a toothbrush. Change them every few months and don’t share them with your friends.”
Google Groups: alt.fan.warlord
Inventor minus a few bricks (was Re: Other Life in the Universe)
George F. McQuary
3/12/93
(...)
>Bill Higgins, Beam Jockey | “Treat your password like
>Fermi National Accelerator Laboratory | your toothbrush. Don’t let
>Bitnet: .(JavaScript must be enabled to view this email address) | anybody else use it—
>Internet: .(JavaScript must be enabled to view this email address) | and get a new one every
>SPAN/Hepnet: 43011::HIGGINS | six months.” —Cliff Stoll
7 February 1994, The Daily Northwesterm (Evanston, IL), “Internet accounts experience record break-ins” by C. E. Hanifin, pg. 5, col. 2:
Stoll (Cliff Stoll, an astro-physicist and computer-security expert—ed.) said that guarding your password is the best way to protect against account break-in.
“Treat your password like a toothbrush—change it every few months and don’t share it with friends,” he said.
September 1995, The Futurist (Washington, DC), “Surfing a safe net,” pg. 57:
By using words, proper names, or acronyms, users make it easier for intruders to figure out passwords, making them “weak.” Steps to make passwords “strong” include:
* Treating your password like a toothbrush, changing it often and never sharing it.
Google Groups: comp.security.misc
Password=Toothbrush?
Greg F Walz Chojnacki
5/6/96
I’m writing an article about account security for our campus newsletter and am trying to remember the rule about passwords.
IT goes something like this:
Treat your password like your toothbrush:
1) change it regularly
2) don’t share it with anyone
3)
I can’t remember #3.
If anyone remembers this old saw, please drop me a note.
Twitter
Джейк
@jakerobinson
“A password is like a toothbrush. Use it daily, change it often, and don’t share it with friends.”
9:32 AM - 4 Mar 2008
18 April 2008, Evening Chronicle (Newcastle-upon-Tyne, UK), “How to Avoid Risks,” pg. 6:
Treat your password like your toothbrush: Change it regularly and never share it. Never give personal details to online contacts, including your e-mail address, mobile number and home address.
Google Groups: Stolen Jokes
July 3rd Stolen Jokes
.(JavaScript must be enabled to view this email address)
7/3/08
(...)
Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.
Twitter
Connie Westpfahl
@ConnieWestpfahl
luv this quote: Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every 6 months.
Clifford Stoll
10:46 PM - 20 Oct 2008
Google Books
Tweet This Book:
The 1,400 Greatest Quotes of All Time in 140 Characters or Less
By Sayre Van Young and Marin Van Young
Berkeley, CA: Ulysses Press
2011
Pg. 52:
Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.
Clifford Stoll
Twitter
Password Sentry
@PasswordSentry
http://bit.ly/1P8299B “Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months.” - Clifford Stoll
12:00 AM - 27 Apr 2019