Strong computer passwords
Passwords are important, even in an environment where your computer is physically accessible only to you and your trusted colleagues. If your computer is on the network locked doors are no protection - it is accessible to the whole world. Passwords have to be secure against being cracked either by human beings or by machines.
When you are creating your password the system will run a number of checks to see how easy it is to crack. If the system decides your password is not strong enough it will be rejected and you will have to try again. Dictionary words will be rejected, as will common words from a language other than English. Your password will also be rejected if you do not have a numeral in the first eight characters.
Hints on good passwords
Your password must not be easily guessable. There are a number of very "popular" passwords which are well known to hackers. These include "password", "administrator", "banana", "homer", "abcdef", or the name of your computer. You should avoid anything obvious like this.
It is not enough to take a dictionary word and change one or two letters to numbers, or add a number at the beginning or end. Passwords created in this way are easy to crack.
However, because you must be able to remember your password without writing it down, there must be something to make it memorable, but known only to you.
- Passwords must be at least 8 characters long.
- In the first 8 characters, you must have at least one numeral and you should have one character that is not a letter or a numeral.
You can use any punctuation or special characters that are neither letters nor numerals. However, if you are a member of staff you should avoid using the following characters as they are reserved in some systems in use at the University:
Reserved characters: @ / : |
You can devise a password by using a combination of these devices:
- find a memorable sequence of words and use the initial letters
- mix upper and lowercase letters
- include some numerals (perhaps by substituting numerals for letters) or include some special characters
Examples
Don't use these exact examples, of course.
- Phrase: i do like to be beside the seaside
- initials: idltbbts
- mix upper and lower case: idltbBtS
- substitute numerals for letters: idl26BtS
- substitute a special character for a letter: id!26BtS
There are other devices, like taking two words and alternating the letters, for instance: horse and cart become hcoarrste, and with mixed case: hcoaRRste, and with substitution of a numeral and special character: hc0aRR?te
Passwords like this are relatively easy to remember, and yet are random enough to elude the password-crackers. Avoid numbers, words and phrases that people are likely to associate with you.
Changing or creating your password
- Changing your password
When asked for your username and password enter just your username, not your full email address (that is, don't include "@st-andrews.ac.uk") and give your current password. This will give you access to the password-changing facility. - If you have forgotten your password go to the IT Helpdesk in the Library to have it re-set. Take your staff or student ID card with you.
- New students only:
You will be asked to identify yourself giving your username and your student ID number
