University of Glasgow Password Policy

University of Glasgow Password Policy

Policy agreed by the Information Governance Group (IGG) - Wednesday 11th January 2017

Passwords

Passwords must be

  • 8 characters minimum (however, a longer passphrase is recommended)
  • At least one non-letter
  • Changed at least once per year (default passwords should be changed straight away) 

What NOT to do

  • Don't use anything obvious like a name, a dictionary word in any language, a password used on another site, or a password you've used before
  • Don't write passwords down and leave them unsecured anywhere 
  • Never disclose or share your password with ANYONE.
  • Avoid using the same password for University of Glasgow accounts as for other, non-UofG accounts.

Passphrases

A passphrase is a longer version of a password and should, therefore, be more secure. A passphrase is typically composed of multiple words.

A good passphrase should be:

  • Long enough to be hard to guess
  • Easy to remember and type accurately
  • Not a famous quotation from literature or other published material

TIP: One way to create passwords that can be easily remembered is to base them on a song title or phrase. For example, the phrase: "This May Be One Way To Remember" could be used to create the password TmB1w2R

Here's an example of how to create and remember a good passphrase.

Support

  • If someone demands to know your password, refuse and refer them to the IT Helpdesk for advice. 

  • If you suspect that one of your accounts or passwords has been compromised then you must report this to the IT Helpdesk.

Related links