What are the requirements/characteristics of my NetID password?
- Password is case sensitive
- Must be at least 8 characters long.
- Must be no more than 24 characters long.
- Must include at least 1 uppercase letter [A-Z].
- Must include at least 1 lowercase letter [a-z].
- Must include at least 1 number [0-9].
- NetID passwords MUST NOT contain any of the following:
- Your first name, your last name, or your NetID.
- The same character repeated more than 3 times consecutively.
- A previously used password.
- NetID passwords will expire and must be changed every 180 days.
Password Expiration Notification:
- An e-mail notification will be sent to your UW-Platteville e-mail address 10 days, 5 days, and 1 day before your password expires. The e-mail will have a subject of "UWP NetID Password Expiration Notification" and will not contain any links. This e-mail notification will be sent until your password is changed or expires. If your password has not been changed by the expiration date, your account will be inaccessible.
- You are encouraged to change your password before it expires in order to avoid disruption of access to University services. Passwords can be changed anytime at http://www.uwplatt.edu/go/password
- On the day that your password expires you may be notified via the Novell Client login window that you have 6 or less grace logins remaining. If you receive this notification when you login from a computer with the Novell client, you should change your password as it has expired. If you do not change your password, once these 6 grace logins have been used you will no longer have access to your account. As there are several methods of login that will use your grace logins, and not all users login using the Novell client for Windows, many users will not receive this grace login notification.
- If you allow your password to expire, you can reset your password by using the Password Self Service system. You will need the correct answers for the five challenge and response questions you previously answered in order to reset your expired password. If you are unable to answer your questions, you will need to visit your distributed IT support person, the Help Desk, or ResNet in person with your campus ID or another photo ID to have your password reset.
Frequently Asked Questions (FAQs) about passwords
Why do I have to be so careful with my password?
- Passwords are the primary defense and front-line security for your data. If someone obtains your password they have complete access to your account, your data, and to ALL the system privileges you have. You must not share your password because you are responsible for all actions taken by anyone with whom you share your password.
How do I select a good password?
- A good password needs to be easily remembered yet difficult for another user or password cracking program to guess.
- Length is important. A longer password provides greater security. Generally there is not need for a password with more than 14 characters.
- Mix it up. Use letters (a-z) and (A-Z), numbers (0-9), and special characters (!@#$%^&*-+). Do not use spaces in passwords, as some programs will strip out the spaces and not allow access to your account.
- Use an acronym. "My Dog Ate All The Cat Litter Again" could translate into "mD8atCla". These type of passwords are easy to remember from the phrase, yet a casual observer would have a hard time remembering it.
- Use misspelled words.
- Combine two words. "Binder Aardvark" could translate to "Bin+Ardv"
What are some bad password practices?
- DO NOT WRITE YOUR PASSWORD DOWN. Post-It™ notes on your computer monitor, in the top of your desk drawer, or under your keyboard defeat the purpose of having computer security. The key is to choose a password that you can easily remember without having to write it down.
- Do not use your login name or any variation of your login name (smith2003, htims, smithsmith, ...)
- Do not use any name associated with you or your family (middle name, maiden name, name of spouse, name of girl/boyfriend, kid's name, pet's name, street name, city name, name of favorite celebrity, name of favorite sports team, name of favorite movie, ...).
- Do not use any information about yourself that is easily obtainable (street address, telephone number, license plate number, social security number, ...)
- Do not use the same password for your Internet accounts (Gmail, eBay, Facebook, ...) that you use for your UWP computer systems. If you password is compromised on any of these systems, it can easily be compromised on all of your systems.
- Do not use any common word that is in a dictionary or any common names including brand names.
- Do not simply add a number to the end of your password when you change it (SmeOID11, SmeOID12, SmeOID13, ...)
- Do not re-use computer passwords.
- Do not use the "Remember My Password" feature of applications (such as e-mail clients) or web sites.
- Do not share your password. Passwords are part of your digital identity and control access to University information similar to how a key grants you physical access. Just like a key, a password is assigned to you, is meant for your use only and should not be shared with others or left unguarded.
Why do I have to change my password so frequently?
- UW-Platteville requires that you change your NetID password every 180 days to insure security. Passwords are part of your digital identity so it is important that you are the only person that knows your passwords. It is common for hackers to guess easy passwords and to use password cracking programs to try to gain access to your computer accounts. By frequently changing your passwords, you are making it more difficult for hackers to gain access to your accounts. It is estimated that 40% of passwords can be easily guessed by common password cracking programs.
What should I do if I believe someone has stolen my password?
- Immediately change your password. If you do not have access to your account, contact the OIT Help Desk or a lab consultant and ask them to reset your password. Remember that you will be asked to show your campus ID card before they will reset your password. Report any known or suspected compromises of your passwords to the OIT Help Desk (342-1400).