The purpose of these guidelines is to provide password standards for online or other
types of university accounts.
Each member of the campus community is responsible for the security and protection
of electronic information resources over which he or she has control. Towson University
passwords, including NetIDs, provide access to services and information and should follow the recommended guidelines and requirements.
NetID passwords must meet the following requirements:
- Be at least 2 days old before you can change it again
- Be at least 8 characters in length
- Use at least 3 of the following 4 different types of characters: uppercase letters,
lowercase letters, numbers, and symbols like !#$%&*+,-/:;()<=>?_
- Not contain any part of your name
- Not be one of your last 10 passwords
Student, faculty or staff that have forgotten or need to reset their NetID password can
find information and reset links on the NetID Tools page.
When creating a password for any online service or account at the university, follow
the NetID requirements listed above.
If you are responsible for managing an application, please refer to the State of Maryland Information Technology Security Policy (PDF) for detailed password guidelines. If you have additional questions about passwords,
submit a TechHelp service request.
- Use simple passwords like 123456, password, a pet's name, a birth date, a child's
name, your address.
- Use the same password for work and personal use. For example, don't use the same password
for your online banking as you do for Facebook or Twitter. If one is hacked, the others
may be as well.
- Tell someone else your password - ever!
- Use public computers (hotel, libraries) - they may be affected with malicious code
that captures your keystrokes.
- Make it easy to remember
- Make it long
- Change your password if you think it has been compromised
How to Create a Strong Password
- Begin with a phrase that describes something about yourself like "Ihatebrusselsprouts."
- Add at least one lower and one upper case letter in the phrase: IHateBrusselSprouts
- Use symbols and/or numbers in place of letters: IH@teBrusselSpr0uts!
- Use only the first letter of each of the words in your phrase. Add special characters
and/or numbers and add an abbreviation for the site at the end of the phrase.
- Watch this brief video for more guidance.
Can't Remember that Password?
There are password manager programs that will help you remember your passwords and
keep them safe. OTS does not endorse a particular site, but provides some examples:
Windows, Linux, Mac OS X
Windows, Mac OS X, iOS, Android, Kindle
||Windows, Linux, Mac OS X, iOS, Android