- Home
- AntiVirus Downloads
- Disaster Recovery & Business Continuity Planning
- Incident Reporting
- Policy
- Security Handbook
- Resources
- AntiVirus Downloads
- Security Bulletin for Fake Antivirus
- Awareness Blog
- Credit Agencies Information
- Identity Theft
- Information Resource and Classification Guidelines
- Links
- Network Security Guide
- Password Guidelines
- Removing Cached Search Engine Results
- Scan Requests
- Securing MS SQL With Windows Firewall
- Securing Microsoft Windows
- Securing UNIX Systems
- UNT-FIRST
- Ubuntu Disk Encryption Install
- Training
- Awareness Articles
- Awareness Month
- Recent Phishing Attempts
- Phishing "Catch of the Day"
Information Security
Passwords
Passwords are required to be a minimum of 6 - 8 characters in length and should be composed of a combination of:
- Use a combination of letters, numbers, and special characters ($,@,^,#, etc.) with both upper and lower cases
- Use the first (or second, or last, etc) letter of each word in a phrase. e.g. - "The quick fox jumped over the lazy dog" might yield a password of "Tqfj^7ld"
- Use upper and lower case characters
- Choose passwords that are a minimum of eight characters in length
- Don't use a common word (of any language), including pet names, nicknames, sports times, religious figures, etc. These are all details that can be guessed or figured out by a social engineer trying to impersonate you
- Use different passwords for different systems, or at least for different levels of access. (high/medium/low security passwords)
- Never re-use a password
- Never use your EUID, account name, login name, or email address as a password
- Never use a blank/null password
- Do not write down and post a password in an obvious place, like on paper attached to a monitor.
- Do not give your password to anyone who asks, even if they are (or claim to be) technical support staf
- Make sure no one is looking over your shoulder while you type your passwords
Several types of passwords are considered weak and easy to guess. In order to avoid creating a vulnerable password, the UNT Account Management System will prevent you from choosing any of the following to create your password:
- Your EUID, account name, or login name
- Your Eaglemail address
- Any word that can be found in any English or foreign language dictionary
- Numerical substitutions for characters (h3lp, adm1n, pa$$w0rd, etc.)Passwords composed of numbers only, such as SSN, telephone number, or any part of your birth date.
- Blank or null password
- Any previously used password
Security of your account and password
- Passwords for continuing students, faculty, and staff will expire after 120 days from the date on which they were set
- Passwords for applicants, transfer students, and returning students will expire 60 days from the date on which their enrollment status changes to a "student" role. This usually occurs when the student registers for classes.
- If you forget your password or it expires, go to the Account Management System page to reset it: http://ams.unt.edu
- After a set number of failed password attempts, your account will be locked in order to prevent further unauthorized access attempts