Protect Your Password: Strength and Secrecy
Your NetID and password are powerful assets and give you access to a number of Northwestern systems: networking, financial records, email, and more. Securing your password means securing Northwestern’s data—and your own.
Create a Long and Strong Passphrase/Password
Creating a sufficiently complex password doesn’t have to be…well, complex. To create a password that is both strong and memorable, try using a passphrase! Song lyrics, phrases, or other sentences are good options to create long passwords that are hard to crack but easy to remember. For example, the passphrase Mypasswordis31characterslong!!! is far more secure than the randomized password d8Shg-09.
Visit Northwestern IT's Web page about secure passphrases/passwords to review the requirements for NetID password complexity.
Never Share Your Passphrase/Password with Anyone
It is against Northwestern IT policy to share your password with anyone. Your NetID and password are intended to grant you access to your own data and to other potentially sensitive information contained on Northwestern systems.
Furthermore, your NetID and password act as your digital signature: if someone uses your credentials and violates University policy, you could be held accountable for those actions.
Store Your Passphrase/Password Securely
Passwords kept on a piece of paper or in a Word document on your computer can be compromised or lost. If you have forgotten or let your NetID password expire, please review the NetID Password Reset Guidelines.
Consider Using a Password Manager
The safest places for your password are your memory or an encrypted password manager. A password manager is a software application designed to store and manage online credentials. There are many options available including, 1Password, Bitwarden, and Dashlane. These services can help defend against cybercriminals by generating and storing a unique password—one that's long and complicated—for each of your online accounts. Usually, these passwords are stored in an encrypted database and locked behind a master password. Some autofill your credentials, so you don't have to re-type your password each time.
When comparing password management providers, be aware that those offering "free" services often collect and sell your browsing data. So, make sure to research before selecting a password manager to store all your credentials.
Log Out Completely, Especially on Public Computers
Forgetting to sign out of your accounts on machines that do not belong to you may give the next person to use that computer access to your information. Whenever you use a friend's laptop or a public computer at a lab or library, take an extra moment to be sure you've logged out of anything that could contain personal information.