Outlook Web App | Campus Compass | Events | FSP Lookup | Infoboard

Friday, May 24, 2013 12:54 AM
Inside Tufts University Information Technology
GO >
this site tufts.edu people
   

Complex Password Standards

Strong password rules and requirements improve the security for everyone in the Tufts computing community.

Your Tufts Password must contain the following:

  • Minimum password length: 8 characters (can contain more)
  • Passwords cannot contain parts of your account name or your full name that exceed two consecutive characters
  • Password history: 5 - your previous 5 passwords are invalid and cannot be re-used
  • Passwords must contain characters from at least three of the following four categories:
    • English uppercase alphabet characters (A–Z)
    • English lowercase alphabet characters (a–z) 
    • Base 10 digits (0–9) 
    • Non-alphanumeric characters ( !@#$%^&*()-_+=;:´"}{[]|`~))

In addition to these requirements, passwords should:

Never be shared, written down, or e-mailed to others
Be easy to remember (for you, not others!) -
The temptation to use loved ones names, birthdays and anniversaries is great. But "easy to remember" can also become "easy to guess." And, in a world where hackers use sophisticated software to crack passwords, an easy password is an open invitation. The challenge is to create something that is memorable for you but tough for others to decipher.

Be changed frequently - The Tufts domain requires a password change every 180 days.

Be altered when used for multiple applications - A common trick is to integrate the application description into a base password that does not change, such as 1!T%@p ("I love to look at paintings"). When used for database access, it might change to d1!T%@pB; used for ISP access, it might change to W1!T%@pb.

Password Tricks - Using Mnemonics to Create Memorable Passwords

One way to create a memorable password is to use mnemonics disguise personal information in a way that is logical for you. Write out a sentence that has personal meaning for you. Then, take the first (or last) letters and mix with numbers and symbols to create your password.

Example #1:

"You donated five thousand dollars to Tufts University in 2001"

Becomes: Yd$5TU01

Capital "Y"; lower case "d" replaces " donate"; $5 replaces " five thousand"; capital "T" replaces " Tufts"; capital "U" replaces "University"; "01" replaces 2001.

Example #2:

"We have a girl who is 17 and a boy who is 5"

Becomes: Wg#17b#5

Capital "W"; lower case "g" replaces " girl"; "#17" replaces " who is 17"; "b" replaces " and a boy"; "#5" replaces "who is 5."

Related Links

The following links are sites on the Tufts web that include additional information about strong passwords and related security concerns:

Tufts Tools Online Password Change Form

Tufts Audit & Management Advisory Services - IT Security

UIT Guard IT - Smart Computing for Everyone

More Information:
Font Size
Printer-friendly version
 

Tufts Home | Site Map | Site Feedback | Contact University Information Technology
© 2013 Trustees of Tufts College. All rights reserved.

Tufts University