UO Password Policy:
- Follows Oregon state government guidelines
- Must change every 180 days
- Must be between 8 and 127 characters in length
- Must contain at least 3 of the following 4 items: a number, an uppercase letter, a lowercase letter, a special character
- Must not contain your: Duck ID, email, first name, full name, last name, nick name, or UO ID
- Must not be one of your last three passwords
- Don’t use personally identifiable information in your password such as:
- User name
- Pet’s name
- Child’s name
- Alma mater
- Hobby keyword
- Don’t write down your password. If you must store your password somewhere, keep them in a secured location. Password safes such as Dashlane, Lastpass, and KeePass make this task easier. Contact CASIT to set up an appointment to help you install one of these programs.
- Don’t share your password with other users. University IT professionals WILL NOT ask you for your Duck ID password. (They *may* ask you for passwords for a *local* computer account, which is not tied to your email account.)
- Don’t allow your browser to save your password in web forms.
- Don’t use the same password for multiple websites. For example, do not use your Duck ID password for your personal e-mail account, banking account, etc.
Any sequence of characters that satisfies the UO Password Policy and a password that can be easily remembered is recommended.
- Use numbers, special characters and spaces in your password
- If using words from a dictionary, use multiple words, not just one
- 5 zombies ate my neighbors!
- 0 rain in Eugene?
- Strawberry waffles? 1980
- 1973 Pre was FAST!
- Chip don’t go! 23
- Star! Wars! 1977!
- If you have many passwords that you must remember, use a password safe such as Dashlane, Lastpass and Keepass. CASIT would be happy to assist you in setting up these applications.
- If if easier to use the same password for some web sites, use the password for sites without sensitive data such as Twitter, blogging sites, news websites.
- Use different and complex passwords for financial accounts, e-mail, and shopping websites that retain your credit card information.