Loyola University Chicago

- Navigation -

Loyola University Chicago

University Information Security Office

Passwords

People often don't spend much time thinking about their passwords, but there are a number of security issues associated with passwords. First we'll talk about your Loyola password, and then we'll move on to talking about more general password issues.

Your Loyola University Chicago password
When your account was created at Loyola University Chicago, you should have received a piece of paper with your universal ID (UVID) and password. The password is generated by an algorithm, so it may not be difficult for someone who knows the algorithm and information about you to determine your initial password. Therefore, you should change your password once you receive it. To emphasize this, your password will be set as "expired". This means that you will only be able to logon to Loyola systems 6 times before you change your password. This includes any Unviersity system, such as Student E-Mail, LOCUS, Blackboard, etc. Each time you provide your password counts as one of your 6 uses. To avoid this, you should change your password once you receive it. To change your password, go to PAM, Loyola's Personal Account Manager. Instructions on using PAM can be found here.

Resetting your Loyola University Chicago password
There are 2 methods available to change your Loyola University Chicago password.

1. If you are off-campus, you can call the ITS Help Desk at  773-508-4 I T S (773-508-4487) from 8:00 AM to 5:00 PM, Monday through Friday. They will ask you a series of questions to confirm your identity, and walk you through using PAM, so the ITS Support Center operator will not know what your password is.

2. If you cannot use any of the above methods, or you have previously configured PAM, then you can you the preferred method of resetting your password, which is PAM. The are a number of reasons why PAM is the preferred method. These include

Choosing good passwords>
You will find that you have a large number of passwords for different websites to remember, so it may help to classify the websites based on how bad it would be if someone else found your password to that site. Then make sure to choose strong passwords (described below) for those sites, and try and use strong passwords for the rest. For instance:

 

Type of SiteSensitivityType of Password
Banking sites, student loan sites, primary email address Extremely sensitive Very strong password
University account Very sensitive Strong password
Instant messenger, other email accounts Sensitive Good password
Free sites that require logins but store no personal information (credit cards, addresses, etc) Less sensitive OK password



 Good passwords share a number of characteristics. These include:

Length A minimum length of 8 characters. The longer the password, the better the password is.
Multiple character types There are 4 character types. These are lower-case alpha (abc), upper-case alpha (ABC), numbers (123), and special (%+>~). The more types of characters in a password, the better the password is.
Not a word found in a dictionary Many programs used to attempt to guess passwords can be configured to use dictionaries to try commonly known words. So using passwords that are found in English dictionaries ("password"), non-English dictionaries ("kennwort" or "contrasena"), or words and acronyms that are commonly known to certain groups ("wysiwyg" or "fubar"). Words in dictionaries are terrible passwords.
Unrelated to you Passwords that relate to you may be guessed by people who know you. Using your mother's maiden name, your pet's name, your license plate number, your hobby, or other easily found information as your password makes for terrible passwords.
Not part of your user ID Using any part of your user ID leads to a bad password. This includes if you modify it in some way, such as turning your user ID around.

It is also important that you do not use the same password for multiple sites. If you do, and someone learns your password on one site, they will be able to access every site that you used that password on.

Password standards at Loyola
The password standards for your Loyola Universal ID are as follows:

Additionally, access to your account can be locked if certain events occur. These events include:

Loyola

Information Technology Services
1032 W. Sheridan Ave. · Chicago, IL 60660 · 773.508-7373
DataSecurity@luc.edu

Notice of Non-discriminatory Policy