Strong Password Definition

Users of critical systems are required to use a strong password; a strong password must conform to all of the following:

  • Your password must contain at least one uppercase letter.
  • Your password must contain at least one lowercase letter.
  • Your password must contain at least one number or punctuation mark.
  • Your password cannot contain any common words or proper names of five or more characters, regardless of the case (upper or lower) of the letter.
  • Your password cannot contain invalid characters (spaces, tabs, accented letters, etc.).
  • Your password must be between eight and fifteen characters in length.
  • Your password cannot contain forward or reverse fragments of five or more characters of your first name, middle name, or last name, regardless of the case (upper or lower) of the letter.
  • Your password cannot contain forward or reverse fragments of five or more characters of your NetID/EnterpriseID, regardless of the case (upper or lower) of the letter.
  • Your password cannot contain forward or reverse alphabetic sequences of five or more letters, regardless of the case (upper or lower) of the letter.
  • Your password cannot contain forward or reverse numeric sequences of five or more numbers.
  • Your password cannot be changed to any of your twelve previous passwords.
  • Your password cannot be changed more than once in a twenty-four hour time period.
  • Your password must be changed annually.