Passwords – do I have to change them?

Managing your passwords is your best defense against cybercriminals. As a UCalgary community member, protecting yourself also means that you are giving assurance to your university family. To manage your password visit and follow the directions.

By changing your password regularly, you help secure your emails, files and data from theft and attack. If a criminal learns your password, he or she can then gain access to a lot of other information and use your email to gain the trust of those you study, work and learn with.

That is why students, faculty, staff and community members with an IT Account are asked to change their passwords yearly via email. However, changing your passwords every 90 days is even better. 

It is a pain!

BUT, Password Management is about mitigating or decreasing risk. There is no such thing as a secure password. By changing your password in regular intervals you are decreasing the likelihood of someone guessing your password and accessing your login ID. 

Keep it Complex

The more complex and random your password, the less likely it will be guessed. Hackers or robot attackers rely on patterns to break through password protection. This is also a great reason to not use birthdates and family names. And, please do not reuse passwords. Reuse just increases the opportunity for someone to guess this password.

Never, ever share

Despite what your parents said about sharing, never share your password! Your password is your proof of identity. If you do, your identity is tied to all transactions that were conducted during that particular log on session. This could include mistakes, malicious attacks and criminal activity.

We don’t want to know

UCalgary IT will never ask you for personal information or passwords. Anyone who asks for any personal information, by phone or email, claiming to be UCalgary IT, is phishing for your information!

For more information regarding Password Management, please refer to sections 4.19 through 4.28 of the Logical Access Standard – you will need to login to the IT website to access the standard.

More information about what makes a good password is available on the Canadian Centre for Cyber Security website.