Password Security

What are the guidelines for choosing a password at the University of Memphis?

The University requires all Universal User ID (UUID) account passwords to meet the following criteria:

  • You cannot select a password you have used previously
  • Passwords must be between 12-30 characters long
  • Passwords must include characters from at least three of the following categories:
    • lowercase letter (e.g. a,b,c)
    • uppercase letter (e.g. A,B,C)
    • number (e.g. 1,2,3)
    • special character (e.g. _ ! $ % ^ * + -)
  • You cannot use your first name, middle name, last name, UUID or Tiger in your password
  • Use at least two alphabetic characters (a-z)
  • Use at least two non-alphabetic characters from the following group:
    • 0 1 2 3 4 5 6 7 8 9 _ ! $ % ^ * + -

Password Change Frequency at the University of Memphis

The University requires all Universal User ID (UUID) account passwords to be changed every 6 months. The frequency of changing your password helps to keep it secure. Other ways to keep your password secure can be found below.

Best Practices when choosing a Password

  • Avoid using your Universal User ID (UUID), a dictionary word, or numbers associated with your personal information.
  • Avoid using blank spaces.
  • Avoid reusing any past or current passwords.
  • Keep it secure.
  • Avoid storing passwords where they are visible or in an unlocked desk.
  • Change passwords regularly and frequently.
  • No matter how complex a password is,
  • if you write it down,
  • it is NOT secure.

Password Security - Why should I care?

Your UUID and password give you access to all of the University's computing services. Every time you connect to the network, you enter your password to prove you are who you say you are. Should someone else else guess or steal your password, they can masquerade as you, which means the intruder would have access to your files, email, funds, personal information, etc. In short, an insecure password can easily wreak havoc in your life.

Examples of bad passwords:

  • Your name (even maiden names or your name spelled backwards is easy to guess)
  • Your UUID in any form
  • Name of a close relative, friend, or pet
  • Phone number, office number, address, or town
  • Birth date or anniversary date
  • Favorite sports team
  • License number, SSN, or any all-numeral password
  • Names from popular culture (Beatles, Spiderman, etc.)

How Can I Protect My Password?

  • Safeguard your password. Treat all passwords as restricted University information.
  • Take responsibility. You are responsible for the security of your passwords and accountable for any misuse if your passwords are disclosed or compromised.
  • Make your password unique. Do not use your UofM password for any other services offered elsewhere (i.e. personal Internet account, free e-mail account, instant messaging account, etc.). Your University password should be unique from every other password you use. This will limit your exposure if any of your passwords are compromised.
  • Avoid using the "Remember Password" feature. This feature, typically used to access secure applications, does not adequately protect passwords. It may be possible for a computer virus or unauthorized user to gain access to this stored information.