Strong passwords

Creating strong passwords

Using three random words is the advice from the National Centre for Cyber Security (NCSC), when creating your passwords. 

By using a password that’s made up of three random words, you’re creating a password that will be ‘strong enough’ to keep the criminals out, but easy enough for you to remember.

Don't use words that are easily guessed or gleaned from your social media. Try to make the words as random and unrelated as possible, for example, 'vanilla-reopen-splashy'. We would recommend using a tool like Bitwarden's password generator.

The University's password policy requires a password of at least 10 characters, that include an upper and lower case letter and a number. It must also be different from your old password. Read more about our password policy here.

Once your password is set up, remember to use MFA as an added layer of security by following the steps outlined in our Multi-Factor Authentication webpage here.

Password do's and don'ts

Some useful do's and don'ts with passwords:

  • Do use two-factor authentication when it's available to keep your accounts safe
  • Do make sure all your passwords are unique, and don't repeat them for different accounts
  • Do use your browser or a password manager to help you to remember your passwords – remember to use a strong master password for a password manager
  • Don't use a commonly used password such as 'password1' or a password based on any publicly available information, like your birthday or the name of your pet
  • Don't reveal your passwords to anyone – your IT team or other provider will reset your password if necessary