Password Security

Do you ever feel like you have to keep track of more and more accounts, usernames, and passwords with each passing year? It's so overwhelming that sometimes it's tempting to create a password that the easiest to remember instead of the one that's the most secure.

As a member of the William & Mary community you should never forget that your password is safeguards for your privacy and personal information. The passwords that we all use to access College computing systems (email, Banner, Blackboard, etc...) should be as secure as possible.

What you can do
  • Don't share your account and password with anyone.
  • Don't write your password down.
  • Use different passwords for different services.  (Students, your WMApps password should be distinct from your WMuserid password even though you have the same userid for both accounts.)
  • Change your password often, ideally more often than the required 12 month interval.
  • Be aware of phishing.
How you can create an effective password
  • Use at least eight characters.
  • Remove all the vowels from a short phrase. Example: llctsrgry ("All cats are gray")
  • Use an acronym. Choose the first or second letter of your favorite quotation. ("itsotfitd" for "It's the size of the fight in the dog")
  • Mix letters and non-letters in your passwords (numbers and punctuation characters on the keyboard).
  • Transform a phrase by using numbers or punctuation ("Idh82go" for "I'd hate to go" or "UR1drful" for "You are wonderful").
  • Avoid choosing a password that spells a word. But, if you must, then introduce "silent" characters into the word ("va7ni9lla").
  • Deliberately misspell the word or phrase ("choklutt").
  • Add random capitalization to your passwords. Capitalize any but the first letter. ("eIeIoH!" or "o.U.Kid")
  • Don't use your first, middle, or last name in any form.
  • Don't use a word contained in any dictionary. Masking these words by replacing letters with numbers is not sufficient protection.
  • Don't put non-alphabetic characters at the beginning or end of words. Passwords like 7laptop or rockiesx are easily guessed by password guessing programs.
Concerned about your password?

If you think someone may have guessed your password, or you shared it, or if your account has been compromised, you should change your password immediately!  If your account has been compromised due to phishing, forward the phish email to [[abuse]].

For additional password support or questions about password protections, contact the Technology Support Center at [[support]] or 757-221-4357.