Password Construction Guidance
Passwords are a critical part of information security. Passwords are there to protect your College account from unauthorised access; however a poorly constructed password may result in your account being compromised.
Cyber criminals can use computers to guess and crack passwords to break into accounts in what is called a Brute-force. For this reason, it’s important to ensure you have a have a complex, hard to guess password that you can remember.
How to make a strong password
We advise that you create a password made up of three random words, doing so means your password will be ‘strong enough’ to keep out cyber criminals, but easy enough for you to remember.
We will only ask you to change your password if we suspect your account is at risk of compromise, so make your password long and memorable.
In addition to the three random word guidance, you should avoid passwords with the following characteristics:
- Shorter than 14 characters
- Contain personal information such as your name/username, date of birth, addresses, phone numbers, or names of family members, pets, and friends.
- Contain number or letter patterns such as ‘abcdefg’, ‘qwerty’, ‘123456’, etc.
- Are some versions of single words such as “Welcome123”, “Password123”, “Changeme123”.
- Are common phrases such as “iloveyou”.
- Based on the name of the College or other branded entities.
Keeping your password secure
You should keep your password private to yourself and never share it or reuse it across accounts. To help in remembering all these passwords you can store your password in your browser when prompted. The Microsoft Authenticator app you may be using for MFA can also be used to securely store passwords.