Creating Strong Passwords
Your account password is the key to your account security! Guard it carefully to protect the confidentiality and integrity of your work and all University assets. Accounts allow authorized users access to protected campus resources. Access to computerized records and confidential information is governed by federal and state law, as well as California State University policy
Password Do's, Don'ts, and Tips
- Do change your default password immediately after you log into your account for the first time.
- Do create a password you can remember easily without writing it down, but difficult for others to guess.
- Do use a password that you can quickly type without being obvious about what you are typing.
- Do follow all the directions you receive when you first pick up your account information (username and password).
- Do pick a password that is at least 8 or more characters in length, depending upon the password rules for the particular account. The more characters you have in your password, the harder it is to crack.
- Do use a password with mixed case (i.e. combination of upper and lower case) alphabets, numerals, and special characters (e.g., nuB9Kno!, ?CaLa3ltY, aRt-58ifCt).
- Do immediately report any incidents when you believe someone else is using your password or otherwise accessing your account. Call the ITS Help Desk at extension 3-6170.
- Do change your password often.
- Don't type in your password while anyone is watching – aka "shoulder surfing."
- Don't use a password that contains fewer than 6 characters.
- Don't use your username in your password.
- Don't use a dictionary word in your password.
- Don't repeat two or more characters in a row (e.g., BBBaaa!!!).
- Don't use all corresponding numbers or letters (e.g., 1234578, 87654321, abcdefgh, hgekcba).
- Don't share your password with anyone, at any time, for any reason.
- Don't log another person on to your account with your password.
- Don't carry your password in your purse or wallet.
- Don't post your password on your workstation, phone or desk.
- Don't enter your password into your smart phone or tablet computer unless encrypted.
- Don't use personal information, common names, Social Security Numbers, phone numbers, driver's license numbers, license plate numbers, brands of cars, employer, addresses, birth date, anniversary date or street names.
- Don't use your family's or pet's names, your favorite hobbies, TV shows, or movie names (e.g., Starwars1, Jane2Doe, 4precious, daffyDUCK, anthro8).
- Don't use another person's user ID and password.
- Tip: Make up a sentence and use the first letter of each word, plus a couple digits and/or punctuation marks at the beginning, middle, and/or end. Make sure these letters don't spell a dictionary word. (e.g., "Tennis anyone?" converts to a useful password: "!10Sne1?")
- Tip: Intentionally misspell a word and add digits and/or punctuation marks to the beginning, middle, and/or end. (e.g., "freeway" becomes "5friwey?")
- Tip: Swap numbers for letters and letters for numbers and/or special characters.