You’ve heard us speak during our National Cyber Security Awareness Month presentations about how Royal Roads’ networks fend off thousands of daily attacks by cyber-criminals. In looking at our own experience, the occasional user accounts we have seen compromised all had short, simplistic passwords. We’ve been fortunate as we’ve been able to contain the damage, however, other Canadian universities who have had similar experiences ended up with some disastrous results – clearly we need to ensure the same doesn’t happen here. One of the ways to do that is through increasing our security measures.
Passphrase details for Royal Roads:
- Complexity requirements: None. That's right - no requirements for "one number, one upper case character etc..." All you need is a short phrase, random words or a sentence.
- Passphrase length: A minimum of 12 characters, but as many as you like beyond that. Spaces, numbers and special characters can also be used but aren’t required.
- Uniqueness: This is important. The passphrase you choose must only be used for your Royal Roads University account – nowhere else. In order for us to minimize the complexity and the change frequency requirements, we needed to add this stipulation. It's also good practice.
- Frequency of change: None. Once you set your passphrase, it's yours to keep for as long as you want it. That’s it. (Note: there are some exceptions to this.)
Need more information on passphrases? Have a look at the article attached to this post - it's got some great information on passphrases. Still have questions? Contact the RRU Computer Services Help Desk or send an email to: firstname.lastname@example.org