Password requirements

Keep in mind that the passwords we choose contribute to the security of our Sourcegraph-managed systems and data. In addition to being users, many of us are also administrators so it is especially important to be thoughtful when selecting a password.

Here is some guidance for setting passwords to Sourcegraph-managed accounts. These are strongly recommended and will be enforced at the organizational level when available.

Do not:

• Use a password that is the same or similar to one you use on any other websites
• Use a single word, for example, password, or a commonly-used phrase like Iloveyou or a string of numbers/letters, such as abc123
• Use identifiable information about yourself, such as the names and birthdays of your friends and family, your favorite bands, or phrases you tend to use
• Mix personal and work-related passwords

Do:

• Create a new password for every system - the primary goal is password diversity
• Make passwords hard to guess, even by those who know a lot about you.
• Use a mix of numbers, letters (upper and lower case), and special characters but you don’t have to use them all
• Make passwords complicated enough to need the use of a password manager (we use 1Password)
• Create a password that is ideally 10 characters long
• We recommend using a passphrase or sentence so it’s easier to remember and meet the above requirements! Example: HungryAnteaterAte1400Ants!