Password Guidelines

Some do's and don'ts for password selection and management to keep you and the campus safe.

DON'T use your login name in any form (as-is, reversed, capitalized, doubled, etc.).
DON'T use your first, middle, or last name in any form.
DON'T use your spouse's or child's name.
DON'T use other information easily obtained about you. This includes license plate numbers, telephone numbers, social security numbers, the make of your automobile, the name of the street you live on, etc.
DON'T use a password of all digits, or all the same letter.
DON'T use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words.
DON'T use a password shorter than six characters.
DON'T share your password with anyone, including anyone claiming to be from campus IT staff.
DON'T email your username and password to anyone.
DO use a password with mixed-case letters.
DO use a password with non-alphabetic characters (digits or punctuation).
DO use a password that is easy to remember, so you don't have to write it down.
DO use a password that you can type quickly, without having to look at the keyboard.

Choose a line or two from a song or poem, and use the first letter of each word.
Alternate between one consonant and one or two vowels, up to seven or eight characters. This provides nonsense words which are usually pronounceable, and thus easily remembered.
Choose two short words and concatenate them together with a punctuation character between them.
You should also change your password periodically, usually every three to six months. This makes sure that an intruder who has guessed a password will eventually lose access, as well as invalidating any list of passwords they may have obtained.

And please remember that IT staff will NEVER ask you for your password.