Changing Default Passwords

March 06, 2023
Submitted By: ITS

Several recent security breaches with UHart email accounts have been the result of users not creating their own secure password.

Default passwords should be changed as soon as possible. This is because they are not a truly unique secret to be known only to you, the user. Hackers can guess, or use a computer program to guess, a password if it follows a predictable pattern—like your University ID. When it comes to password age or expiration, we only require people to change their passwords if they, or ITS, have reason to believe it is known by someone else. If you’ve been given a default password it is, by definition, known to someone else.

Here are a few tips:

We encourage the use of long passphrases. Length, not complexity, is the new entropy. Long passphrases are easier to remember and easier to type (we forget that need too often).
Ensure that every account has a unique password. That way, if an account is compromised, all of the  other accounts are safe.
To easily change your password(s), go to this easy password management web page.

We encourage all students to set up their security questions and recovery cell phone number now so, if you need to use them later, they are available to you to reset your password on your own.

Please contact the Help Desk if you have any questions or need assistance.