Easier and more secure passwords
Choosing the right password is one of the most important steps to protecting your Bond University network account. It should be easy for you to remember while being hard for someone else to guess or hack.
Previously - Bond University password guidelines were based on industry recommendations created more than 15 years ago. Over time with the rise of online usage, these recommendations have been shown to be based on incorrect assumptions about the strength of passwords, and greatly underestimated how normal human behaviour can make passwords weak. These outdated guidelines included complexity rules to add capitals, numbers and symbols, and forcing regularly changes of passwords, which have often resulted in compliant but easily guessed password such as [email protected], B0nduni! or Feb2021!.
Present-day - Current password best practice has been informed by real-world password breach data, and extensive research by cyber security experts. It has shown that creating a longer password that is easy to remember is far more important than complexity rules, and that periodic password changes actually weaken security by driving users to follow patterns when creating their replacement password (e.g. BondMay1 becomes BondJune1). The new recommendations advocate using passphrases which combine security via password length, with something a user can easily remember - a passphrase is a password composed of a sentence, a phrase, or a random series of words.
Lifetime easy to remember passwords
By removing complexity rules and periodic changes you should now be able to use a password or passphrase that is:
- Easier to remember.
- Less difficult to type.
- Will never expire.
- More secure to protect your Bond University network account.
Requirements for your password
- Meets Minimum Length: Your password must be at least twelve characters long.
- Not Recently Used: It cannot be a password you have previously used for your Bond University network account.
- Not Commonly Used: It cannot be found on a list of commonly used or known compromised passwords.
- No Account Identifiers: It cannot include your user ID, first or last name.
- No Dictionary words: It should not be a single dictionary word. (It may contain multiple dictionary words)
- No Personal Information: Do not include any other personal information that could be used to guess your password, including phone numbers, licence numbers, names of children or pets, birthday or anniversary dates, favourite sports teams or bands.
- Exclusive Use: It should be unique and only used for your Bond University network account. (This is good practice for every password).
Recommendations for your password
- Length increases security: The strength of a password can be enhanced by both the total length, and greater length of individual words contained in a password or passphrase.
- Use a passphrase: Passphrases are a password that can be composed of a sentence, a phrase, or a random series of words in a sequence that is unique and memorable to you, but makes little sense to anyone else.
- Avoid common phrases: Using an exact known phrase, quote or lyric can make your password weak, even if it meets the length requirement. You can however use this as a starting point and mix it up by adding additional random words, numbers or symbols.
Tips and examples
If you are having trouble creating a password, we recommend following the tips below to make an easy to remember passphrase, that is hard to for others to guess. You can also mix it up by adding or substituting letters, numbers or symbols for extra security.
Note: Don’t use one of the specific examples provided below as your password!
- Choose a series of words from your surroundings: “sofa remote lamp art”
- Create a sentence or original phrase that means something to you: “Graduate with high distinction” or “mynewpasswordisverylong”
- Describe a picture in your mind: “island paradise holiday”
- Create a story from a random set of words: "cat car cloud"
Need further support?
IT Service Desk: 5595 4444 or http://support.bond.edu.au