Password Guidelines
What to do:
When creating a password use the following criteria:
- Contain both upper and lower case characters (e.g., a-z, A-Z).
Have digits and punctuation characters as well as letters e.g. 0-9, !@#$%^&*()_+|~-=\ {}[]:";'<>?,./). - Are at least eight alphanumeric characters long.
- Are not words in any language, slang, dialect, jargon, etc.
- Are not based on personal information, names of family, etc.
TIP: One way to create passwords that can be easily remembered is to base them on a song title or phrase. For example, the phrase: "This May Be One Way To Remember" could be used to create the password:
"TmB1w2R!?.
What not to do:
- Never disclose your password to ANYONE.
- Never talk about a password in front of others.
- Never share passwords.
- Don't use the "Remember Password" feature of applications (e.g., Web browsers, E-mail reader, etc).
- Don't write passwords down and leave them unsecured anywhere in your office.
- Never store passwords in a file on ANY computer system (including PDAs or similar devices) without encryption.
If someone demands to know your password, refer him or her to this document or the IT Services Helpdesk for advice.
If you suspect that one of your accounts or passwords has been compromised then you must report this to your local IT support staff, the IT Helpdesk or the University of Glasgow Computer Emergency Response Team (GLA-CERT) email: cert@gla.ac.uk and change all your passwords.
For further information regarding password security please see the University Password Policy.