Good Password Practices FAQ
How do I create a strong password?
- Use 8 or more characters
- Choose a combination of:
- upper case letters
- lower case letters
- special characters such as ! $ * % @ # & -
(in some cases restrictions may apply )
- Avoid passwords that are easy to guess or to crack
- Dictionary words (mackerel, dandelion, millionaire)
- Foreign words (octobre, gesundheit, sayonara)
- Simple transformations of words (tiny8, 7eleven, dude!)
- Names, doubled names, first name and last initial (mabell, kittykitty, marissab)
- Uppercase or lowercase words (MAGAZINE, licorice)
- An alphabet sequence (lmnop) or a keyboard sequence (ghjkl;)
- Words that have the vowels removed (sbtrctn, cntrlntllgnc)
Are there any tips for choosing a strong password that can actually be remembered?
- Use lines from a childhood verse:
Jack be nimble, Jack be quick = JbeN#jbq1
- Use an expression inspired by the name of a city:
I love Paris in the springtime = 1LpntST!
Chicago is my kind of town = C1mYK0t*
- Use lines from a favorite song:
You can't always get what you want = uC4n+agwUw!
How do I change my password? top
- To change your MSU NetID, Domain, and/or Portal passwords go to https://www3.montana.edu/myprofile/.
- What if I can't even log on to my computer-- let alone get to the password reset page--
because my MSU Domain password has expired?
- You can change your MSU Domain password by pressing Ctrl-Alt-Del simultaneously and
then clicking the "Change Password" button.
- To change your MyInfo PIN log in to MyInfo go to the "Personal Information" section and select "Change PIN."
How often should I change my password?
- Change passwords every 6 months at least.
- Change "first-time" passwords that are issued to you immediately.
- Don't reuse old passwords.
- Don't use the same passwords for work accounts that you do for personal accounts.
- Whenever practical use unique passwords for all accounts
- Don't write passwords down and leave them in places not always under your control.
As a system administrator, what can I do to protect passwords on machines I manage?
- Replace your passwords every 30 to 120 days.
- Disable logon after a specified number of failed attempts.
- Use SSH or SSL for remote server authentication.
Don't use programs that send passwords in plain text such as Samba, FTP, Telnet,
Pathworks V 4.0.
- Don't use shared usernames and passwords.
- Change or disable the common user names such as Guest and Administrator.
- Log on at the lowest level needed for the work to be done.
- Disable or remove unused accounts.
MSU IT Center
Renne Library Commons
P.O. Box 173240
Bozeman, MT 59717-3240
Tel: (406) 994-1777
Location: 75 Renne
Chief Information Officer: