• Skip to navigation
• Skip to content
• University home page

Information Services Account Management

Menu

• Staff Account Management
• Student Login
• Conditions of Use

How to Choose a Secure Password

About Passwords

Your password is the only way a computer can verify that the person using your account is really you. Anyone who can enter your password can access your account as if they were you -- perusing your private data, reading your electronic mail, altering or destroying your files, or performing illegal activities in your name.

Think of your password as a key: telling someone your password is like giving them a copy of the keys to your house. Having an insecure password is like leaving your front door unlocked, and in the electronic world malicious people are trying your doorknob every day. Choosing a secure password lets you protect your data and software as vigilantly as you would your tangible belongings.

Never Tell Anyone Your Password

You should never give your password to anyone else. Anyone who knows your password may perform acts using your account that you may be blamed for.

Password Requirements

• Policy will be technically enforced by the Identity Management System

• Passwords must be a minimum of 8 characters

• Passwords cannot be a dictionary word

• Should contain three of the following character types:

  • An upper case character

  • A lower case character

  • A number

  • A special character (e.g. %,#,@)

Additionally, for staff or honorary staff of the University,

• Passwords will expire every 4 months

• Accounts will be timed-out for 15 minutes after 5 unsuccessful login attempts

• None of the last 10 passwords can be re-used

Password Guidelines

In addition to the technical requirements of the password outlined above, obeying the following guidelines when choosing a password will guard against someone finding out your password and using your account illegally.

DO:

• use a password with a mix of upper-case letters, lower-case letters, numbers, and punctuation. The more different characters you use, the more secure your password is.

• choose a password that is easy to remember. If you have to write down your password then you won't be able to keep it safe.

DON'T:

• use your login name in any form. This includes backwards, doubled, capitalised, etc.

• use anybody's name. Names are easy to guess, even reversed, or capitalised, and are the first thing an attacker tries.

• use any personal information. Any information another person can find out about you is not secure. This includes your date of birth, address, telephone number, staff or student ID number, and the formation about anyone you know.

• use a password that is easily spotted when typing. Passwords that make patterns on the keyboard, like qwer1234, are easy for people looking over your shoulder to recognise.

Choosing a Secure Password

Try the following techniques for choosing a secure password.

• Choose a line or two from a song, poem, or other phrase and use the first letter, or second letter, etc, of each word with some punctuation and numbers included.

• Choose two short unrelated words and concatenate them together with a punctuation character between them and at the start or end.

• Comment on this web site
• Contact the University
• Course Enquiries