Use secure passwords
Members of the University community log in to several accounts daily: UDSIS, Google Apps @UDel.edu, Sakai@UD, and other UD systems. We also log in to our computers when they start up, and we log in to different sites like Facebook, Yahoo, and Gmail every day.
It's not easy to manage the passwords you use—harder still to think of new, secure passwords that you'll remember. However, using the same password for more than one account or using a password that's easy to guess will not sufficiently protect your confidential information and may even expose other people's information, too.
Never use your UDel password on non-University login screens, even if the applications and services are part of your official coursework.
- Your password and the University information it protects could be at risk.
- University of Delaware login screens are distinguished by UD branding.
Follow the guidelines below to choose a secure password. Follow these guidelines for all of your online accounts.
Your UDelNet passwordYour UDelNet password, used with your UDelNet ID to access UD email, Library resources, UDSIS, UD HR systems, and other information restricted to UD, must conform to the following rules:
- UDelNet passwords must be between 12 and 30 characters in length.
- Best practice is to make a password or passphrase not based on a single word or name.
- All UDelNet passwords are tested using the following point scoring
system. Three points are required for approval.
- One point for using an upper case letter.
- One point for using a lower case letter.
- One point for using a number.
- One point for using any character not listed above with the exception of the 'space' character.
General password guidelines
- Use a unique password for each account you have.
- Use a password that you will remember.
- Whenever possible, choose a password that uses the most number of characters possible. As the length of your password increases, so does the security of that password.
- Using a passphrase is the best practice. Passphrases are strings of words or text that are longer than traditional passwords such as "K1ngH3nrytheV".
- Do NOT "remember" your username and password in your Internet browser. In general, this is an insecure method of storing passwords; anyone with access to your computer can also access your online accounts for which you've stored your login information.
- Consider using a password manager like LastPass. LastPass can store your username and password in an encrypted file, require multifactor authentication, and generate new passwords when you create new accounts.
- Always avoid
- dictionary words,
- names, including names of pets and best friends,
- dates, especially birthdays and anniversaries,
- sequences (qwerty, 12345),
- repetitions (aaaa, 0000), and
- "obvious" or commonplace passwords or passphrases (password, password1, letmein, UDpassword).
UD Password Checker
A new tool to let you see how strong a proposed password might be. Includes an explanation of the factors that makes your password strong or weak.
Create strong passwords (Microsoft Online Safety)
Outlines a method to create a memorable and secure password and includes an example.
Password Security (Duke
University IT Security Office)
Explains why password security is important, how passwords are stolen, and how to choose and maintain a secure one.
Consider using LastPass as a secure alternative to saving passwords in your browser. It's free, works across multiple devices, platforms, and browsers, and can even generate secure passwords for you to use. Also provides several other features—some for a low fee.
Secure Password Generator (PC Tools)
Generates a secure password with options to change the length, case, and character type. Use this as an example to generate a secure password of your own.