Student Password Advice & Guidance



NB: Students are no longer required to change their password every 90 days.

If you need to reset your password please read the guidelines below then follow the instructions here:  Forgotten Your Password?


Password Guidelines

Try to create passwords that you can remember easily. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be: "This may Be One way To Remember My password" and the password could be: "TmB1w2RMp!" or "Tmb1W>rmP~" or some other variation Password.

Protection Standards:

  •  Always use different passwords for University accounts from other, non-University access (e.g., personal email account, eBay, etc.).   
  •  Do not share University passwords with anyone
  •  All passwords are to be treated as sensitive, confidential University information.   
  •  Passwords should never be written down or stored on-line without encryption. 
  •  Do not reveal a password in email, chat, or other electronic communication. 
  •  Do not speak about a password in front of others. 
  •  Do not hint at the format of a password (e.g., "my family name")  
  •  Do not reveal a password on questionnaires or security forms  
  •  If someone demands a password, refer them to this document and direct them to IT Services.
  •  If an account or password compromise is suspected, report the incident to the IT Service Centre tel :01332591234

Password Rules 

 Passwords must contain characters from three of the following five categories:  

  1.  Uppercase characters of European languages (A to Z, with diacritic marks, Greek and Cyrillic characters) 
  2.  Lowercase characters of European languages (a to z, sharp-s, with diacritic marks, Greek and Cyrillic characters) 
  3.  The numeric digits 0 to 9 
  4.  Non alphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/ 
  5.  Any “Unicode” character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes “Unicode” characters from Asian languages. 

 Passwords must contain at least 8 alphanumeric characters, with 14 characters recommended. 

DO NOT reuse passwords for personal websites.

Remember that after 7 consecutive login failures the user account will be disabled automatically for 30 minutes 


A weak or invalid password has at least one of the following characteristics:  

  •  It contains fewer than eight characters  
  •  It is a word found in a dictionary (English or foreign)  
  •  It is a common usage word such as:  
  •  Names of family, pets, friends, co-workers, fantasy characters, etc.  
  •  Computer terms and names, commands, sites, companies, hardware, software.  
  •  The words “University” "uniderby", "derbyuni" or any derivation.  
  •  Birthdays and other personal information such as addresses and phone numbers.  
  •  Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc.  
  •  Any of the above spelled backwards.  
  •  Any of the above preceded or followed by a digit (e.g., secret1, 1secret).  


Have more questions? Submit a request


Powered by Zendesk