
Password Guidelines

A guide to password security, and choosing a password

Password Security

You identify yourself to the computer system when you login. Your username tells the computer who you are; your password proves that you are who you say you are. Like the PIN on your bank teller card, your password is the key to your account. You must always keep it secret.

NEVER, under any circumstances, should your password be the same as your username or your real name.

If someone else knows, or is able to GUESS, your password, then the computer system has no way of telling them apart from you. They can gain access to our computers; from there they can try to break into other computers around the world. They can cause mischief in your name (e.g. broadcast defamatory messages or download illegal pornography). You could be held responsible for their actions.

  • Always keep your password a secret.
  • Never tell your password to anyone else.  This includes people in authority.  They should have no need to know your password. 
  • Never change your password to a string known or suggested by someone else.
  • If you must write your password down, keep it in a safe place.  

How to choose a password

Password security isn't just a matter of thinking up a nice word and keeping it to yourself. You must choose a password which will be difficult for someone else to guess or crack.  

Spying

A lot of ATM fraud is based on watching you type your PIN and making phony ATM cards using account details from discarded ATM receipts.

Similarly, a common way of finding out your password is simply to watch you type it in.

You can make it harder for someone to spy on your password if you:

  • Ensure nobody is watching you type your password
  • Use longer passwords
  • Use passwords you can type quickly and comfortably
  • Avoid obvious sequences like 'qwertyui' or '!@#$%^&*'

As a matter of courtesy, always turn away, or step back from the screen, when someone else is entering their password.

Guessing Passwords

We often have a tendency to forget passwords, so we choose something that has particular relevance to ourselves: the name of a loved one, our favorite car, sport, or ice cream, etc. Anyone knowing a little about us can make a list of these words and easily crack the password. All-digit passwords usually fall into this category - birthdates, phone numbers.

A group of crackers happened upon the modem numbers of a big company. They spent a day or two, under the pretence of conducting a school social studies project, surveying people leaving the building. By asking lots of questions about people's lifestyles, they put together a list of possible login names and passwords. Using the modems to dial into the computer, they managed to crack several accounts and gain access to the company's records.

DON'T use

  • Words that can be associated with you
  • Dictionary, Atlas, etc. words

The computer can test these words in less than an hour. A program with access to a good dictionary has a very good chance of cracking a password that is a real word. Crackers with a CD-ROM will soon have access to extensive dictionaries of words, place names, foreign languages, song titles, Shakespearean characters, street directories and the like. The testing can include minor modifications of these words, such as the addition of a digit or an initial uppercase letter.

DO use

Preferably something you can remember, that can be typed quickly and accurately and includes characters other than lowercase letters.

Examples:

  • Made-up "words" -  chokBel8  (can be "pronounced", has a digit)
  • Personal acronyms - ihCbltdT  (i hate Coffee but love to drink Tea)
  • Misspell and/or invert syllables or words - D0gzmaDD  (instead of 'mad dogs' - also replaces letter o with digit zero)

Do NOT use any of the actual examples above.
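
The rules above, written as a check that a password-change form could run before accepting a new password. This is an added example, not code from the original page or from any UWA system; the sample word list, the function names and the six-key run length are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load a large dictionary file.
SAMPLE_WORDS = {"password", "coffee", "hamlet", "perth", "dragon"}
# Example passwords printed on this page, which the page says never to use.
PAGE_EXAMPLES = {"chokbel8", "ihcbltdt", "d0gzmadd"}
# Keyboard rows, including the shifted digit row, for spotting typed sequences.
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm", "!@#$%^&*()"]


def has_keyboard_run(password, run=6):
    """True if the password contains `run` adjacent keys from one keyboard row."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):  # left-to-right and right-to-left
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False


def check_password(password, username, real_name="", personal_words=(), words=SAMPLE_WORDS):
    """Return the list of guideline violations; an empty list means acceptable."""
    problems = []
    lowered = password.lower()
    identity = {username.lower(), real_name.lower().replace(" ", "")}
    identity.update(real_name.lower().split())
    identity.discard("")
    if lowered in identity:
        problems.append("same as username or real name")
    if password.isdigit():
        problems.append("all digits")
    if has_keyboard_run(password):
        problems.append("keyboard sequence")
    # Undo the "minor modifications" the page mentions: added digits, changed case.
    core = re.sub(r"^\d+|\d+$", "", lowered)
    if core in words:
        problems.append("dictionary word")
    if core and core in {w.lower() for w in personal_words}:
        problems.append("associated with you")
    if lowered in PAGE_EXAMPLES:
        problems.append("published example")
    if password.isalpha() and password.islower():
        problems.append("only lowercase letters")
    return problems
```

The `personal_words` argument is where a site would pass anything it already knows about the user, such as the names and dates a guesser could collect.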

 

Change your password frequently

If you change your password frequently (every four to six weeks) it is less likely that your password will be cracked. If your password is cracked, changing it frequently will limit the damage a cracker can do and force them to begin cracking it all over again.

 

Changing Your Password

Most systems at UWA provide a facility that lets you change your password by entering:

  • your username
  • the current (or "old") password
  • a new password
  • a verification of the new password (to minimise the chance you won't know the new one because you accidentally made a typing error).

It first asks for your old password, to ensure that only you can change your password. It then asks for you to enter your new password, and to enter it again, to verify that you didn't make a typing mistake.

If you forget your password, you may need to contact the system administrator for information relating to getting a new one for that system.

It is preferable to remember your new password without writing it down.  Practice your new password by logging in and out a couple of times immediately and also again later that day if possible.  If you must write it down, store it safely. 

Never use any example passwords given in this web page or similar documents.
