Accounts and Passwords

The Importance of Passwords

Why are passwords so important?

Passwords ensure the security and confidentiality of data that is stored on various workstations and servers across campus. Some of this data includes student and employee names and addresses, grades, evaluations, timetables, payroll etc.

It is your responsibility as a user, to make sure that all your account passwords are as difficult to guess as possible.

Did you know that…

  • a weak password can allow viruses to gain access to your computer and spread through the University of Ottawa’s network?
  • an easy-to-guess password can allow hackers to use your computer to hack into other computers connected to the University’s network?
  • these same hackers could use your e-mail account to send malicious messages to everyone in your address book, Inbox and others?
  • you could be held legally responsible for any damage caused by someone using your account? Refer to the University of Ottawa User Code of Conduct for Computing Resources (http://www.uottawa.ca/help/about/code.html) for more information.

Choosing the right password

Don’t use…

  • previously employed passwords or variations of them
  • proper names,
  • words from the dictionary,
  • common character sequences such as “123456”, mar2004
  • derivatives of user-IDs,
  • personal details such as variations of your own name, your spouse’s and pet’s names, license plate numbers, social insurance numbers, and birthdates

Do…

  • create passwords that are at least 8 characters in length
  • create passwords that are difficult to guess
  • use at least three of: alphabetic, mixed case, numeric and punctuation characters when creating a new password
  • vary the case of the letters such jSno34Rt

lightbulbTip: Think of a full sentence. Now take the first letter of each word from that sentence and add a few digits to the end. Voila! You now have a unique, difficult-to-crack password.

Example sentence: Coming up with new passwords is sometimes difficult.

Password: cuWnPIsd514

Never store written user-IDs and passwords together!!

lightbulbTip 2: If the system allows for long passwords, use a pass phrase. A pass phrase is easier to remember than a short, complex password, and is usually faster to type in as well. For example, consider the sentence, "I think, therefore I am." Use the complete sentence as your password. Remember that a proper sentence has punctuation and upper/lower case characters, so use a combination of these in your pass phrase. Our Active Directory accounts support pass phrases.

Related resources:

Change your centralized computer account passwords on-line at
http://www.ccs.uottawa.ca/accounts/change-password.html

Account Management: Guidelines and best practices
http://www.ccs.uottawa.ca/accounts/guidelines.html

© University of Ottawa
For additional information, consult our list of contacts.
Last updated: 2013.12.09