The following is recommended for passwords that you need to remember (i.e. ones you use frequently, such as your University account’s password):
- Use a passphrase made up of four or more unrelated but memorable words or symbols (for example: telephonemousepiraterain)
- Password length is more important than complexity
- You can use a special character as a word separator to add complexity, for example - , / or =
- If you can use a word from a different language this will also improve strength, e.g. maus instead of mouse
The more words you use, the more secure your password.
Do not use:
- One or two dictionary words with a number or symbol (e.g. computer123), keyboard sequences, (e.g., 123456, qwerty123, or qazwsxedc), or personal information
- 'Random' password-generating software or websites unless they are part of a reputable password manager (refer to the related article on password managers for more information)
- Your University password for anything but University IT systems
- The same password across different services like your bank account and University systems
When setting a new password you will also find you cannot use easily guessable words or phrases as part of your password. For example:
- Any of your personal details (e.g. first name, last name, username)
- Anything pertaining to 'University of Otago' or derivatives (e.g. OtagoUni, UniOtago)
- Any easily guessable words or keyboard combinations (e.g. password, pa55w0rd, qwerty, 12345 etc)
Contact AskOtago if you have any questions about creating a strong password.