Password Guidelines

Purpose

The purpose of these guidelines is to provide password standards for online or other types of university accounts.

Each member of the campus community is responsible for the security and protection of electronic information resources over which he or she has control. Towson University passwords, including NetIDs, provide access to services and information and should follow the recommended guidelines and requirements.

NetID Passwords

Password requirements

Password strength will be guided in TU’s NetID Management systemBefore logging into your account, make sure your password meets these requirements: 

  • Be at least two days old before you can change it again 
  • Be at least 12 characters in length  
  • Be a passphrase, like "Ihatebrusselsprouts" 
  • Not contain any part of your name 
  • Not be one of your last 10 passwords 

Password change process 

Passwords must be updated or reset through the NetID Management webpage, Ctrl+Alt+Delete is not an option.  

Password change frequency 

Students are required to update their password once per year, faculty and staff every six months. Email notifications are sent to TU accounts when it’s time for a password change. 

Password Tips

Don't

  • Use simple passwords like 123456, password, a pet's name, a birth date, a child's name, your address.
  • Use the same password for work and personal use. For example, don't use the same password for your online banking as you do for Facebook or Twitter. If one is hacked, the others may be as well.
  • Tell someone else your password - ever!
  • Use public computers (hotel, libraries) - they may be affected with malicious code that captures your keystrokes.

Do

  • Make it easy to remember
  • Make it long
  • Change your password if you think it has been compromised

How to Create a Strong Password

  1. Begin with a phrase that describes something about yourself like "Ihatebrusselsprouts."
  2. Add at least one lower and one upper case letter in the phrase: IHateBrusselSprouts
  3. Use symbols and/or numbers in place of letters: IH@teBrusselSpr0uts!
  4. Use only the first letter of each of the words in your phrase. Add special characters and/or numbers and add an abbreviation for the site at the end of the phrase.

Can't Remember that Password?

There are password manager programs that will help you remember your passwords and keep them safe. TU supports use of a password manager but does not recommend a specific service. Be sure to do research before selecting one to store your credentials. See the TechHelp Knowledge Base article on password managers for more guidance.