UC Davis Information & Educational Technology

Email Story Email this Story Print Story Print this Story

UC Davis will start expiring 8-character passwords Nov. 15

10/14/2010

Dates updated Oct. 29

Powerful computers are great. But hackers have them too.

So if you still use an 8-character password to protect your UC Davis computing account, you need to change it. Passwords that short are no longer sturdy enough to withstand high-powered attempts to bust them open.

Fortunately, the solution is simple--just upgrade your password to a passphrase. Proceed to the big blue arrow on the computing accounts page, follow the directions, and you're done.

Photo: A poster in the MU helps spread the word A poster in the MU helps spread the word

The upgrade is part of the campus's ongoing effort to improve privacy and computer security, but new federal minimum passphrase strength regulations also require the change. The passphrases can have anywhere from 12 to 48 characters.

More than half of faculty, students and staff have already upgraded, and compliance has been rising by about 2 percentage points per week since July 12.

Passphrases are flexible, and don't have to be exotic, complex or long. You can incorporate spaces, or use a string of dictionary words. A good passphrase can be easier for the user to remember--"I love the beach." meets the new standard--but the length deters hackers.

Accounts that have not been upgraded will be expired in phases from Nov. 15-23, 2010, and Jan. 24-Feb. 24, 2011. A calendar shows when different groups of accounts, arranged by alphabet, will be expired.

People who have not upgraded will see expiration warnings each time they log in, beginning two weeks before their password expires. Warnings for the first group--people whose login IDs start with Y or Z--will start on Monday, Nov. 1.

The warnings will tell you how many days you have left, and will continue until you upgrade or until your password expires. If it expires before you upgrade, you will lose access to your campus computing accounts.

But you can avoid all that drama by upgrading to a passphrase now.

Other key points:

  • Account holders can upgrade at any time from home, work, or a campus computer lab by using the computing accounts site.
  • People who have not set security questions must do so when they upgrade to a passphrase. The questions and answers they choose will help confirm their identity if they forget or lose their passphrase and need to create a new one.
  • People who have set security questions should review and update those questions.
  • Freshmen and transfer students already have passphrases, because the new standards took effect before they created their accounts.

The campus has posted instructions for creating a passphrase, and you can test potential passphrases to see if they meet the standard at the computing accounts page.



Email Story Back to main headlinesEmail Story Email this Story Print Story Print this Story

Stay connected

Add TechNews RSS feedAdd TechNews RSS Feed

Follow TechNews on twitterFollow TechNews on Twitter

Get weekly email updates Get Weekly email updates

Send your tech story ideas Send your tech story ideas


Most viewed stories

Levin addresses emerging topics of academic tech in UC Davis blog (Dec. 12, 2012)

UC student cited for illegal file-sharing knocks down '12 myths' in video (Sept. 17, 2011)

New website can help you identify authentic campus email messages (Oct. 25, 2012)

New 'clickers' recommended for UC Davis faculty, students (June 29, 2012)

Search TechNews

 

Advanced search

TechNews archives

Other IET publications

IET Report

IT Times

About TechNews

TechNews, produced by Information and Educational Technology, is a free online source of news and information about technology at UC Davis.

Learn more »