Penn State Shield

Password Guidelines:

The following guidelines, excerpted from the ITS Password Policy, are based upon experience and common sense. The software used to change passwords will screen for most of these guidelines as an aid in creating secure passwords. This does not relieve a person of responsibility for creating and securing a good password. A set of additional best practices and guidelines for setting passwords is found via the ITS Access Account Password Management Web page.

  1. It must be at least eight characters in length. (Longer is generally better.)
  2. It must contain at least one alphabetic and one numeric character.
  3. It must be significantly different from previous passwords.
  4. It cannot contain the user ID.
  5. It cannot include the first, middle, or last name of the person issued the user ID.
  6. Special characters may be used to strengthen the password. For a list of allowed and disallowed special characters, see password best practices.
  7. It should not be information easily obtainable about you. This includes license plate, social security, telephone numbers, or street address.

For additional information, please see the The ITS Password Policy.