Passwords

How to choose a strong password

It's vital that your passwords are secure, and known only by you. Here's some do's and don'ts that may help you create a secure password.

Dos

  • uSE BoTh UppEr and loWEr case characters, digits, punctuation, and !@#$%^&* characters
  • The more complex and random the password is, the harder it is to crack
  • Create passwords that are essentially random but easy for you to remember
  • Be wary of people hanging over your shoulder when you type your password. If you suspect someone of trying to get your password by watching you type it in, report them to IT Helpdesk immediately

Don'ts

  • Do not use a word in the English dictionary or a minor variation on that word. Good password cracking programs check the whole dictionary
  • Never tell your password to anyone. If you ever get an email from someone, even if they say they are the system administrator, asking for your password for any reason, report it to the IT Helpdesk
  • Never write your password down
  • Never send your password through email
  • Don't use simple patterns of adjacent letters on the keyboard. On the surface, qwerty or asdfgh may seem random, but crackers check many of these patterns as standard practice

Changing your domain password before it expires

You can change your domain password using the following options:

  • While logged into your Windows PC (on-campus only): press CTRL+ALT+DEL and click Change a Password. Follow the instructions on screen to set a new password.
  • While logged into your Mac computer (on-campus only): go to System Preferences, Users and Groups, highlight your account and click change password, follow instructions on screen to set a new password.
  • After changing your password you must log out of your Mac then log back in for the change to take effect. After logging back in, follow the instructions to save your new password to the Keychain.
  • While logged into Staff Webmail (either on or off campus): click Options then select Change Password and follow the instructions on screen to set a new password.

If you are off-campus with a work laptop and your password needs changed, you can use the Staff Webmail option above to change your domain password. Please note, that you will need to continue to use your old domain password to log into the laptop until you are able to re-connect it to the University network.

Password information for encrypted users

If you are planning on working off-campus when your password is due to expire, consider changing your password before you leave as any changes to your password while not connected to the wired network can result in connectivity issues.

If your computer is encrypted, you must use the CTRL+ALT+DEL reset option while your computer is connected to the wired network before your password expires.

If your password has already expired, you must use the self-recovery option on the Endpoint login screen. You will need to be connected to the wired network to do this. If you are unable to complete self-recovery please contact the IT Helpdesk.

Password expiry notification for staff

You will receive an automated email from ithelp@gcu.ac.uk notifying you when your domain password is due to expire. These emails are sent at 14, 7 and 3 days before your password expires.

This is the only email address you will receive password expiry notifications from. If you receive notification from any other address, please report it to the IT Helpdesk.

How many passwords do I have?

Most members of staff will have at least one password: your Domain login. You may also have login IDs and passwords for other systems including:

  • Oracle Systems
  • Telephone and Voicemail Systems

How often must I change my Domain password?

For security reasons, you must change your Domain password at least every 90 days. You will see a reminder on screen each time you log in during the 14 days before you have to change it.

Password restrictions

  • The maximum password age is 90 days. This is how long you can use a password before the system makes you change it
  • The password history is set to five passwords. This is the number of unique new passwords that you have to use before you can reuse an old password
  • Passwords must not contain all or part of your user account name
  • All passwords must be at least eight characters and be a mixture of
    • UPPERCASE
    • lower case
    • Digits 0-9
    • Non-alphanumeric (%& _ *? and so on)

You must use a combination of at least three of these categories.

For example:

  • VeSPer21
    or
  • aCAdemy*

You will have a small number of attempts at logging in before the system locks you out. If this happens, you will not be able to log in to the network until you contact the IT Helpdesk to unlock your account.

 

Resetting a forgotten password

You can reset a forgotten domain password using the following options:

  • Call the IT Helpdesk and verify your security word
  • Visit the Library Desk with your Staff ID card
  • Log into My Caledonian, click the ‘Password Reset’ tab and follow the instructions to reset and reveal your domain password
  • Your Head of Department can email ithelp@gcu.ac.uk requesting a password reset on your behalf
  • If you are an Authorised Guest you can email ithelp@gcu.ac.ukfrom your personal registered email address requesting a new password.  Remember to include your AG username when emailing.

Bad password ideas

  • A spouse's name, a child's birth date, your middle name (which you think no one knows about)
  • Your birth date (which you haven't told anyone about, so it "MUST" be safe)
  • Your Social Security Number, or similar forms of personal information. This includes mixing these pieces of information, such as using your birth year, your spouse's birth month and your child's birthday.

This information can be broken in several minutes of guessing, or after a few seemingly innocent conversations with your friends or family members.

How do I get my account unlocked?

Contact the IT Helpdesk if your account is locked.