The following is recommended for passwords that you need to remember (i.e. ones you use frequently, such as your University account’s password):
- Use a passphrase made up of four or more unrelated but memorable words or symbols (for example: telephonemousepiraterain)
- While the minimum length is often 8 characters, 12 or longer is recommended and is easily achievable with three or four words (most University systems will require 16 characters minimum)
- Use a special character as a word separator, for example - , / or = . Characters " # $ : | ' and space cannot be used in University system passwords
- If you can use a word from a different language this will also improve strength, e.g. maus instead of mouse
The length of the password is more important than the complexity. The more words you use, the more secure your password.
Do not use:
- The characters " # $ : | ' or space, for University system passwords
- One or two dictionary words with a number or symbol (e.g. computer123), keyboard sequences, (e.g., 123456, qwerty123, or qazwsxedc), or personal information
- "Random" password-generating software or websites unless they are part of a reputable password manager (see the related article on password managers for more information)
- Your University password for anything but University IT systems
- The same password across different services like your bank account and University systems
Your University password
In addition to the above, the following criteria apply:
- It must be at least 16 characters long
- You will not be able to re-use any of your previous 8 passwords
- You will only be able to change your password once in a 24 hour period
- There is no requirement for inclusion of special characters e.g. uppercase/lowercase letters, numbers or non-alphanumeric characters
Contact AskOtago if you have any questions about creating a strong password.