Use secure passwords

Important NOTE

Never use your UDel password on non-University login screens, even if the applications and services are part of your official coursework.

  • Your password and the University information it protects could be at risk.
  • University of Delaware login screens are distinguished by UD branding.

Members of the University community log in to several accounts daily:  UDSIS, Google Apps @UDel.edu, Sakai@UD, and other UD systems. We also log in to our computers when they start up, and we log in to different sites like Facebook, Yahoo, and Gmail every day.

It's not easy to manage the passwords you use—harder still to think of new, secure passwords that you'll remember. However, using the same password for more than one account or using a password that's easy to guess will not sufficiently protect your confidential information and may even expose other people's information, too.

Follow the guidelines below to choose a secure password and UD PIN. Follow these guidelines for all of your online accounts.

Your UDelNet password

Your UDelNet password, used with your UDelNet ID to access UD email, Library resources, UDSIS, UD HR systems, and other information restricted to UD, must conform to the following rules:
  • UDelNet passwords must be between 8 and 30 characters in length.
  • UDelNet passwords with fewer than 10 characters are passed through a stringent dictionary check before being approved. Best practice is to make a password or passphrase not based on a single word or name.
  • All UDelNet passwords are tested using the following point scoring system. Three points are required for approval.
    • One point for using an upper case letter.
    • One point for using a lower case letter.
    • One point for using a number.
    • One point for using any character not listed above with the exception of the 'space' character.
To change your password, log in to the Network page and follow the on-screen instructions.

Your UD ID PIN

Your UD PIN (UD Personal Identification Number) is a 6-10 digit number, used along with the UD ID, to provide authentication to certain UD systems. To ensure the security of personal information, your UD PIN must be kept strictly confidential.

General password guidelines

  • Use a unique password or PIN for each account you have.
  • Use a password that you will remember.
  • Whenever possible, choose a password that uses the most number of characters possible. As the length of your password increases, so does the security of that password.
  • Do NOT "remember" your username and password in your Internet browser. In general, this is an insecure method of storing passwords; anyone with access to your computer can also access your online accounts for which you've stored your login information.
  • Consider using a password manager like LastPass. LastPass can store your username and password in an encrypted file, require multifactor authentication, and generate new passwords when you create new accounts.

Resources

UD Password Checker
A new tool to let you see how strong a proposed password might be. Includes an explanation of the factors that makes your password strong or weak.

Create strong passwords (Microsoft Online Safety)
Outlines a method to create a memorable and secure password and includes an example.

Password Security (Duke University IT Security Office)
Explains why password security is important, how passwords are stolen, and how to choose and maintain a secure one. Also lists a timetable for how long it would take to crack passwords of a certain length (up to 8 characters).

LastPass
Consider using LastPass as a secure alternative to saving passwords in your browser. It's free, works across multiple devices, platforms, and browsers, and can even generate secure passwords for you to use. Also provides several other features—some for a low fee.

Secure Password Generator (PC Tools)
Generates a secure password with options to change the length, case, and character type. Use this as an example to generate a secure password of your own.