Choosing a Strong Password
- Future Students
- Current Students
- Research and Teaching
- Partners and Community
- About JCU
- Celebrating 50 Years
- Advanced Analytical Centre
- Applying to JCU
- Australian Lions Stinger Research
- Australian Tropical Herbarium
- Association of Australian University Secretaries
- Careers and Employability
- Australian Quantum & Classical Transport Physics Group
- Centre for International Trade and Business in Asia
- College of Healthcare Sciences
- College of Medicine and Dentistry
- College of Science and Engineering
- COVID-19 Advice
- Diploma of Higher Education
- Division of Tropical Environments and Societies
- Economic Geology Research Centre
- Graduate Research School
- Indigenous Education and Research Centre
- Student IT Essentials
- Staff IT Essentials
- Help and Support
- Stay Informed
- Choosing a strong Password
- Data Protection
- Device Security
- Email Safety
- Online Security at Home
- Web Safety
- Malware and Virus Protection
- Keep a clean device
- Protect myself from phishing
- Recover a hacked or compromised account
- Protect your digital reputation
- Report a cybersecurity incident
- Password Manager
- ICT Service Catalog
- International Students
- JCU Eduquarium
- JCU Global Experience
- JCU Halls of Residence
- Language and Culture Research Centre
- Marine Geophysics Laboratory
- Open Day
- Parents and Partners
- Pathways to University
- Planning and Performance
- Planning for your future
- Professional Experience Placement
- Rapid Assessment Unit
- JCU Connect
- Safety and Wellbeing
- Scholarships @ JCU
- Study Now
- Student Equity and Wellbeing
- VAVS Home
- Australian Institute of Tropical Health & Medicine
The importance of using a strong password can't be emphasised enough.Your password is verifies your digitial identity - like an online passport. .
The top reasons people gain unauthorised access to a password protected system is they guessed someone's password, often because they found it on a piece of paper next to the computer or because they saw the person type the password in, but also because they use software programs that are VERY good at guessing common passwords.
The following guidelines will guard against someone finding out your password and gaining unauthorised access to your account:
- Make your password into a passphrase . The longer a password is, the more difficult it will be to attack the password by guessing (or brute force). A passphrase is simply a phrase or sentence that you use, instead of a word or set of characters. Passwords/passphrases should be a minimum of 8 characters long but if you want to really impress, they should be 11 or more.
- Use unique passwords. Make sure you use a unique password for every online service you use.
- Avoid publicly available information. We share a lot on social media, do not use personal information in your password that someone else is likely to be able to figure out. Obviously, things like your name, phone number, date of birth and address are to be avoided.
- Avoid common words. Don't ever be tempted to use one of those common passwords that are easy to remember but offer zero security. e.g. "password", "letmein" or key sequences that can easily be repeated. e.g. "qwerty123","asdf1234" etc.
- Change it periodically. It is a good habit to change or rotate your passwords on a regular basis, every 6-12 month.
What is a passphrase?
ICT advise that you use a passphrase rather than a password for your JCU accounts. A passphrase is simply a phrase or sentence that you use, instead of a word or set of characters.
If there is no limit on a password length, use a passphrase. e.g. "Europe is beautiful this time of year." However, if you have to pick a smaller password, just use the first letter of each word and swap some of the letters for numbers: "E1bTtof7”.
JCU has NO maximum limit on passwords but for non-JCU accounts, it is important to confirm the maximum number of characters allowed. If the system only allows an 8 character maximum, and your passphrase is "everyone loves chocolate cake for their birthday" your password will actually just be "everyone" and that's a dictionary word!