Choosing a password

How do I choose a good password?


It is important to note that this advice is regularly changing as password cracking technologies and methodologies change. Below we give a basic set of guidelines that you can follow that meets the minimum requirements.

Choosing a good password

Passwords should contain the following at minimum: 
- At least 8 characters
- Contains at least one capital-letter (A-Z)
- Contains at least one symbol ($&%*...)
- Must not include any part of your name
- For compatibility with some legacy systems, avoid the use of the following characters: / " : | ?


Changing your password

If you've received an email from Digital Services saying your password has now expired, please choose a new password by changing it on your Aston University computer by pressing CTRL + ALT + DELETE, and click "Change a password". You can also go to portal.office365.com, logging in to your Student or Staff email and change your password there instead. The email should not include a link - This is deliberate to ensure that only the methods outlined above are used for password changes as some very common scam and phishing E-mails try to encourage you to click a link to change your password, when in fact you'd be entering your password on an attackers website, opening the University and yourself up to compromise.

When changing your password, please avoid adding a number or letter to the end of your existing password, or changing or incrementing a number at the end of your existing password as this is not only a common method of getting around enforced password changes, but would-be attackers are aware of this tactic and adjust their tools to take full advantage of this weakness and it presents a larger threat to the University and your own personal data.