Secure Your Passwords
What is a Good Password?
A secure password is key to keeping your accounts, data, and info safe. If the internet is a door, your password is the key. You wouldn't leave your door unlocked, so don't leave your accounts or data unlocked.
Creating a Strong Password
Here's how to quickly create a strong password: make it long, complex, unique, and secret!
Long
The longer the password, the stronger it is. NYU IT recommends your password be at least 14 characters long. Try making a passphrase (based on a whole sentence, rather than just a word) that consists of several words or parts of words.
Complex
Be sure to vary character use when creating a secure password by alternating between lowercase and uppercase letters, numbers, and special characters.
Unique
Pick a password you've never used but that is easy for you to remember. An inside joke or a personal saying can be an easy trick for you to keep track. Just no famous phrases, birthdays, pet names, or song lyrics. Remember, no "password," "qwerty," or "123456789"!
Secret
Never tell anyone your password and never write it down in an easily-accessible place, such as the notes app on your phone. Avoid sending passwords via email or SMS, posting potential clues on social media, or re-using a password that's already been hacked.
Some “Dos & Don’ts” for Strong Passwords
- Use at least 14 characters
- Vary with uppercase letters, numbers, and special characters
- Create a passphrase of several words to be super secure
- Change it at least once a year, or more often (90 days) for specialty and high-security accounts
- Reset if you think it's been compromised (like after using a public computer)
- Keep it secret! Don't share it with friends, family, or roommates
- Remember to use MFA for a second level of account protection
- Don't reuse previous passwords or use the same one for more than one account
- Don’t use variations of your old passwords
- Don't use your NYU NetID or N-Number, first or last name, or the names of friends or fictional characters
- Don't use your birthdate or any other easily guessed numbers
- Don't use keyboard patterns (like qwerty)
- Never tell anyone your password, write it on a sticky note, email it, or post it on social media
- Don't allow your internet browser to remember passwords
- Never leave your computer unlocked or unattended
Avoid Less Secure Passwords
Common knowledge
Avoid using information that is easy-to-find online or posted on social media as the basis for your passwords or answers to security questions. Your answers don't even have to be truthful; just something you'll remember!
Not secret
Never tell anyone your password information. This means not telling friends, never emailing it, and never leaving it on a nearby sticky note.
Remember, NYU and most other institutions (like your bank) will never ask you for your password.
Already hacked
The least secure password is one that was already hacked! Never use a password for more than one account.
Additional Resources
- Check out the ServiceLink article on password requirements and security tips.
- Visit the NYU NetID and Password page to learn how to reset your NetID password.
- See the NYU Policy on Responsible Use of NYU Computers and Data, scroll down to Passwords in the Specifications, NYU Computer Security section.
IT Support
- Knowledge Base
- Global Support Contacts
- IT Support NY and Study Away
AskIT@nyu.edu
- IT Support Abu Dhabi
nyuad.it@nyu.edu
- IT Support Shanghai
shanghai.it.help@nyu.edu