Password Security

It's very important that you don't share your Teesside resources with other people. Resources could mean an email account, a PC login account - or even the use of a laptop or Tablet assigned to you. Should a security incident occur using any of your resources, you will be held accountable. Section 5 of the IT Acceptable use policy http://url.tees.ac.uk/aup states,

"You must take all reasonable precautions to safeguard any IT credentials (for example, a username and password, email address, smart card or other identity hardware) issued to you. You must not allow anyone else to use your IT credentials. Nobody has the authority to ask you for your password and you must not disclose it to anyone."

Passwords are your key to your Teesside University systems. It's vital that you use secure, difficult to guess passwords. It's important that you use a combination of upper & lower case letters, with a selection of numbers and other characters. This makes it difficult for an automated attack to try and guess your password from a dictionary. Always make sure your passwords are strong. 

Use three random words to create a strong password

A good way to create a strong and memorable password is to use three random words. Numbers and symbols can still be used if needed, for example 3redhousemonkeys27!

Be creative and use words memorable to you, so that people can’t guess your password. Your social media accounts can give away vital clues about yourself so don’t use words such as your child’s name or favourite sports team which are easy for people to guess.

Cyber criminals are very smart and know many of the simple substitutions we use such as ‘Pa55word!” which utilises symbols to replace letters.

 

Never use the following personal details for your password:

  • Current partner’s name
  • Child’s name
  • Other family members’ name
  • Pet’s name
  • Place of birth
  • Favourite holiday
  • Something related to your favourite sports team
     

Users are strongly urged to register with the self service password reset facility https://apps.tees.ac.uk/mylogin/ This web-based application enables a password to be reset without knowing the old password and without having to show physical proof of identity to set a new one.

 
There are several sites online where you can check the strength of a potential password, giving you an idea of how strong it could be. One such example is https://howsecureismypassword.net/  DONT USE a real password at this site!