Securing Your Account and Password

open padlock

When using University computers, you are responsible for everything that happens while you are logged on. That means you should not leave a PC logged in while leaving the desk. It also means you have to choose secure passwords and change them regularly. Here’s some good advice on the Dos and Don’ts of password selection.

Dos

  • Passwords should be eight characters or more
  • Passwords should contain a mix of upper and lowercase characters, numerals and special characters such as punctuation marks
  • It is recommended that you use mnemonic phrases to help you remember your password. For example, “My mother’s maiden name is Zebedee, she is 91” produces “MmmniZ,si91” (Please Note: This particular password is barred on University systems)
  • Use of at least two numbers in a password is recommended
  • When you change your password it is recognised that this may be done in a hurry and lead to you choosing insecure passwords. It is suggested that using a mnemonic phrase with numbers enables you to alter one element e.g. the number, keeping the remainder of the password intact and making it simpler to remember. You should note that this method is slightly less secure than choosing a completely different mnemonic phrase.

Don’ts

  • Don’t choose a password of fewer than eight characters
  • Don’t use words from a dictionary
  • Don’t use permutations of dictionary words and numbers
  • Don’t use names associated with your circumstances
  • Don’t ever write down your password
  • Don’t pick well-known phrases for your mnemonic

Resetting your password

Your password will expire automatically every 120 days, however you can reset it at any time by browsing to our Self Service Accounts Administration system at http://ssaa.southwales.ac.uk.


Advice taken from “The Memorability and Security of Passwords – Some Empirical Results”. A technical report by J. Yan, A. Blackwell, R. Anderson, A. Grant University of Cambridge September 2000.