The University requires all computer system passwords to be at least eight characters, and meet three additional conditions from the following list:
- Uppercase characters
- Lowercase characters
- Special characters (non-alphanumeric) – excepting the % sign or a ‘blank space‘
A password containing at least 3 out of 4 of the criteria above is considered valid.
However, keep in mind that your password:
- Will expire 90 days after your reset it.
- Cannot contain significant portions of your username, or full name.
- Cannot be one of your 10 most recent passwords.
The days of setting a password to match the name of spouse, a child’s birthdate, or your telephone number are over; automated software used by hackers has made it too easy to guess these types of passwords.
You may need to start thinking “outside the box” and develop a new mindset when choosing passwords. Techniques we recommend:
- Replace letters with special characters: $ makes a great substitute for ‘s.’ @ can replace ‘a.’ A zero can take the place of an ‘o.’ Think of a 3 as a backwards ‘e.’
- Note that replacing letters with special characters doesn’t automatically create a strong password; you must combine this technique with numeric characters and other special characters to create a strong password.
- Use passphrases instead of passwords: Instead of thinking of a single word for your password, use a phrase.
- Consider abbreviating words to create even stronger passphrases.
- If your password is intruder-locked (e.g., ten failed attempts have locked the account), you can wait 30 minutes for the account to automatically unlock and try again.