Students, faculty, and staff can learn about passphrases and best practices for creating them.
Password Management Video Guide
Iframe | ||||||
---|---|---|---|---|---|---|
|
Strong passwords are essential for your online safety. ITS has the following password guidelines for NetID passwords, and we recommend that you follow these best practices when creating passwords for other services.
Password Guidelines
Complexity rules help you create passwords strong enough to protect your account. The following are the NetID password requirements on all newly created or changed passwords.
Minimum password length is 12 characters.
The password must contain characters from three of the following four categories:
Upper Case: A B C ...
Lower Case: a b c ...
Numbers: 1 2 3 ...
Symbols: ! @ ? ...
Reusing any of the last 10 passwords is not allowed.
Creating a password that ITS systems identify as being exposed in a data breach is not allowed.
The password must not contain 3 consecutive characters contained in your name or NetID. For example, Jonathan wouldn’t be able to use a password that contained “Jon”, “nat”, or “han”.
Tip |
---|
Don’t re-use passwords! They should be unique for each service. If one of your passwords is stolen, the compromise is contained to that one service and cannot be leveraged to exploit others. |
Passphrase Overview
Passwords can be difficult to remember, especially when they are composed of a random combination of letters and numbers and/or you have more than one of themyou have many unique ones to match different password requirements. Instead of a password, you may consider using a passphrase.
...
The permutations in using a passphrase are virtually endless and easier for most people to remember.
Best Practices
You should still keep in mind the following best practices:
Do not reuse passwords for important websites.
Do not use children or pet names.
Do not use music lyrics or other well-known phrases.
Do not reuse passwords that have been compromised.
Do not simply add or increase a number at the end of a password.
You should use a password manager for your passwords. Products like Lastpass, Dashlane, and 1Password all have free versions UConn offers a LastPass service to all faculty, staff, and students.
You should use two-factor or multi-factor authentication on any account that offers it. This is the best way to prevent your accounts from being misused, and it is increasingly available across an ever-increasing number of services wesbites including financial websites, social apps, and even gaming sites like Steam.
Related Articles
Filter by label (Content by label) | ||||||||
---|---|---|---|---|---|---|---|---|
|
...