Additional Password Information

Password Restrictions

  • The maximum password age is 90 days. This is how long you can use a password before the system makes you change it.
  • The password history is set to five passwords. This is the number of unique new passwords that you have to use before you can reuse an old password.
  • Passwords must not contain all or part of your user account name.
  • All passwords must be at least eight characters and be a mixture of
    • lower case
    • Digits 0-9
    • Non-alphanumeric (%& _ *? and so on).


You must use a combination of at least three of these categories.

For example:

  • VeSPer21


  • aCAdemy*


  • You will have a small number of attempts at logging in before the system locks you out.  If this happens, you will not be able to log in to the network until you contact the IT Helpdesk to unlock your account.

How to choose a strong password

It's vital that your passwords are secure, and known only by you. Here's some Do's & Don'ts that may help you create a secure password.


  • uSE BoTh UppEr and loWEr case characters, digits, punctuation, and !@#$%^&* characters.
  • The more complex and random the password is, the harder it is to crack.
  • Create passwords that are essentially random but easy for you to remember.
  • Be wary of people hanging over your shoulder when you type your password. If you suspect someone of trying to get your password by watching you type it in, report them to IT Helpdesk immediately.


  • Do not use a word in the English dictionary or a minor variation on that word. Good password cracking programs check the whole dictionary
  • Never tell your password to anyone. If you ever get an email from someone, even if they say they are the system administrator, asking for your password for any reason, report it to the IT Helpdesk
  • Never write your password down
  • Never send your password through email
  • Don't use simple patterns of adjacent letters on the keyboard. On the surface, qwerty or asdfgh may seem random, but crackers check many of these patterns as standard practice.


Bad Password Ideas

  • A spouse's name, a child's birth date, your middle name (which you think no one knows about)
  • Your birth date (which you haven't told anyone about, so it "MUST" be safe)
  • Your Social Security Number, or similar forms of personal information. This includes mixing these pieces of information, such as using your birth year, your spouse's birth month and your child's birthday.

These information can be broken in several minutes of guessing, or after a few seemingly innocent conversations with your friends or family members.


How many passwords do I have?

Most members of staff will have at least two passwords: your Domain login and My Caledonian. You may also have login IDs and passwords for other systems including:

  • Oracle Systems
  • Telephone and Voicemail Systems

How often must I change my domain password?

For security reasons, you must change your Domain password at least every 90 days. You will see a reminder on screen each time you log in during the 14 days before you have to change it.

How do I get my account unlocked?

Contact the IT Helpdesk if your account is locked.