SSU Information Technology: Improved Password Standards

« Servers scheduled for maintenance evening of February 26, 2009 | Archive List | WebCT Winter 2008 Course Clean-Up »

Improved Password Standards

Beginning March 30, standards for passwords on Seawolf accounts will be changing. The maximum lengths have been expanded to 28 characters, and password phrases are now supported.

The next time your account password expires you will be prompted to update your password or password phrase using these new standards:

8-28 characters long
A combination of letters, numbers and special characters, containing at least three of the following character types:

Lowercase alphabetic character (a-z)
Uppercase alphabetic character (A-Z)
Special character (~!@#$%^&*()_+`-={}[]|\:;"'<,>.?/ )
Number (0-9)

Passwords can be reused after 6 other passwords have been set.

These changes affect LDAP, Solar and Lunar, and the services using those accounts:
SSU email, WebCT, CMS, workstation/domain logins, MeetingMaker, IT and Library computing labs, WiFi login, Graymail and SpamAssassin, and browser access to some SSU websites. Other SSU computing services may use these new standards in the future.

Tips For Creating Good Password Phrases

Using the tips below will help you choose a password phrase that is easy for you to remember, but difficult for others to guess.

Use a short phrase with spaces and punctuation. These can be easy for you to remember, but because of the length, are difficult to guess.
Use uppercase letters where you normally wouldn't.
Add a touch of nonsense to make it more unpredictable.
Replace some of the letters with numbers that sound like words or resemble letters.
Use mnemonics to disguise a phrase that's meaningful to you.

Examples of Good Password Phrases

seVen Seawolves 8 apples?
Coy0tes crave neW $Hoes
I1asti9thg!
(stands for "I won a swimming trophy in 9th grade!")
HmWc@wC?b##
(stands for "How much wood could a woodchuck chuck? About two pounds")

Bad Passwords - Don't Do This!

Don't use well-known quotes and phrases.
Don't use words or phrases with too few unique characters.
Don't use long strings of sequential letters or numbers, or keys that are just next to each other on the keyboard.
Don't use your name, birthday, social security number or drivers license number.
Don't use your student/employee ID number, or other information that can easily be gathered about you.

Examples of Bad Password Phrases

To be or not to be!
Mary had a little lamb.
aaaabbbbcccc1111
abcdefg1234567890
qwerty09876
johnsmith1284

Have Questions? Need Assistance?

Contact the IT Helpdesk at helpdesk@sonoma.edu or 664-HELP.

Posted by mooreb at March 9, 2009 3:48 PM

IT News