Passwords

These are some helpful best practices on using passwords

Passwords for any system at York College must follow the following syntax:

• Password Length: Minimum of 13 characters.
• Complexity: Must include at least one uppercase letter, one lowercase letter, one number, and one special character.
• Password Expiry: Passwords must be updated every 180 days.
• Account Lock Policy: Accounts will be locked after 5 unsuccessful login attempts.
• Lockout Duration: Locked accounts will remain inaccessible for 15 minutes.

Helpful hints

Here are some helpful hints to guide you on creating a secure password:

• Never use the password you’ve picked for your York email or Network account at any online site: This is a mandatory policy for all CUNY students, faculty and staff. If you do, and an e-commerce site you are registered at gets hacked, there’s a good chance someone will be reading your e-mail soon. 
• Do not choose passwords based upon details that may not be as confidential as you’d expect, such as your birth date, your Social Security or phone number, or the names of family members or places you have visited.
• Do not use words found in a dictionary. Hackers use online tools that often come with dictionary lists that will try thousands of common names and passwords.
• Avoid using simple adjacent keyboard combinations: For example, “qwerty” and “asdzxc” and “123456” are trivial to crack.
• Avoid using the same password at multiple Web sites. 
• Never share your password or login credentials, this is a direct violation of CUNY policy on acceptable use of digital assets and resources. To learn more on this see POLICY