Skip navigation

Account Password Rules

Strong passwords protect your computer and personal information. Hackers often use ‘dictionary attacks’ to break passwords, trying every possible combination of characters.

Use these pages to learn how to create strong passwords you can also remember. Check our Safe Password Tips for more information about maintaining your password.

OIT Account Password Requirements

The following rules are required for your OIT Account password. You can also use them for other passwords.

OIT Account passwords:

  • Must be between 8 and 16 characters.
  • Must contain characters from 3 of the following 4 categories:
  1. Uppercase characters (A - Z)
  2. Lowercase characters (a - z)
  3. Digits (0 - 9)
  4. Special characters (limited to the following):
    ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
  • Cannot contain 3 or more adjacent characters from your NetID
    (e.g., if your NetID is jdoe, then your password cannot be 4xP/doe/876).
  •  Cannot contain the reverse of your NetID (e.g., if your NetID is jdoe, then your password cannot be 4xP/eodj/876).
  •  Should not be solely composed of English or foreign words or proper names.

Strategies for Remembering Passwords

Complex passwords are notoriously difficult to remember. We recommend that you develop your own system for tracking passwords.

Create a Password Reminder in SPIRE

For your OIT Account password, store a word or phrase in SPIRE to help jog your memory in case you forget it:

  1.  Log on to SPIRE with your NetID and password.
  2.  In the SPIRE navigation, go to My SPIRE > Change My Password. To set your reminder, you will need to change your password first.

Use Themes & Rules

Choose a theme for all your passwords (e.g., your passwords are always based on your favorite songs or movies). Decide on a few rules that you'll use to construct your passwords. For example:

  1.  Select a song: Rome wasn't built in a day by Morcheeba.
    Theme: music. Rule: Use song name and artist.
  2.  Condense into a string of letters: rwbinadbm
    Rule: Use the first letter of each word
  3.  3. Add complexity: RwBi@dBm*00
    Rules: The first and third letters are always capitalized. 'a' is always replaced by '@", the password always ends with a symbol and two digits.

Note: Please do not use this example. Hackers often try passwords available in reference materials.

Use Password Storage Software

Password managers such as KeePass, SplashID, or the key chain feature for Mac OS X provide a central, secure location for all your passwords. Be careful, if you forget the master password or your computer breaks down, you will not be able to recover your passwords.

Note: OIT does not offer direct support for password storage software at this time.