Password Guidelines

The purpose of these guidelines is to provide password standards for online or other types of university accounts.

Each member of the campus community is responsible for the security and protection of electronic information resources over which he or she has control. Towson University passwords, including NetIDs, provide access to services and information and should follow the recommended guidelines and requirements.

NetID Passwords

Password requirements

Password strength will be guided in TU’s NetID Management systemBefore logging into your account, make sure your password meets these requirements: 

  • Be at least two days old before you can change it again 
  • Be at least 12 characters in length  
  • Be a passphrase, like "Ihatebrusselsprouts" 
  • Not contain any part of your name 
  • Not be one of your last 10 passwords 

Password change process 

Passwords must be updated or reset through the NetID Management webpage, Ctrl+Alt+Delete is not an option.  

Password change frequency 

Students are required to update their password once per year, faculty and staff every six months. Email notifications are sent to TU accounts when it’s time for a password change. 

Other Passwords

If you are responsible for managing an application, please refer to the State of Maryland Information Technology Security Policy (PDF) for detailed password guidelines. If you have additional questions about passwords, submit a TechHelp service request.

Password Tips

Don't

  • Use simple passwords like 123456, password, a pet's name, a birth date, a child's name, your address.
  • Use the same password for work and personal use. For example, don't use the same password for your online banking as you do for Facebook or Twitter. If one is hacked, the others may be as well.
  • Tell someone else your password - ever!
  • Use public computers (hotel, libraries) - they may be affected with malicious code that captures your keystrokes.

Do

  • Make it easy to remember
  • Make it long
  • Change your password if you think it has been compromised

How to Create a Strong Password

  1. Begin with a phrase that describes something about yourself like "Ihatebrusselsprouts."
  2. Add at least one lower and one upper case letter in the phrase: IHateBrusselSprouts
  3. Use symbols and/or numbers in place of letters: IH@teBrusselSpr0uts!
  4. Use only the first letter of each of the words in your phrase. Add special characters and/or numbers and add an abbreviation for the site at the end of the phrase.
  5. Watch this brief video for more guidance. 

Can't Remember that Password?

There are password manager programs that will help you remember your passwords and keep them safe. TU does not endorse a particular site or service, but provides some examples:

APP Cost Available For
LastPass Free Windows, Linux, Mac OS X
Intuitive Password Free Web
KeePass Free Windows, Linux, Mac OS X, iOS, Android
Adobe Reader Download button