Password Best Practices

Password Do's and Don'ts


  1.     Use strong passwords.
  2.     Use a different password for each account, even for UNH accounts that use the same username.
  3.     Change your passwords every 6 months in accordance with UNH policy.
  4.     Use a password manager.


  1. Don't share your passwords with anyone, ever.
  2. Don't write your username and password on a post-it note under your keyboard or on your monitor.
  3. Don't write down your username and password in the same place, or at all.
  4. Don’t use iterative passwords (JohnDoe1, JohnDoe2, etc.)
  5. Don’t use easily guessed password schemes (numbers or special characters used only at the beginning or end like 11Aloha, 1Aloha1, Aloha11, Aloha!!, !!Aloha)

Methods for Creating a Strong Password

To protect your information and the University, create a strong, unique password for each account you use at UNH.  Strong passwords have the following characteristics:

Length:   Use a password that is 8-15 characters.


Passphrase (not password): Use a passphrase that combines several words into a phrase that is easy for you to remember like “I love mt chocorua” or “ilovemtchocorua”

Use the entire keyboard:  Using uppercase and lowercase letters, numbers, and symbols increases the complexity and therefore the strength of a password. You can strengthen the passphrase above by injecting this kind of additional complexity “ILoV3MtC#oc0rua”.

Avoid Dictionary Words: Avoid using words found in the dictionary as part of your password or passphrase.  For example, in the example above, removing the spaces and changing the “e” in love to a “3” allows use of the word “love” without actually using the word as it would be found in the dictionary.

Custom Fields
  • Department: Accounts
Attached Files
There are no attachments for this article.
Related Articles RSS Feed
Searching class schedules
Viewed 623 times since Mon, Aug 3, 2015
What’s the Deal with Publicly Posted Credentials?
Viewed 479 times since Thu, Jun 29, 2017
Website Accounts
Viewed 1226 times since Mon, Jan 30, 2017
Accounts: I just got a message reminding me to change my AD password. What do I need to do?
Viewed 711 times since Wed, Feb 24, 2016
Viewed 1701 times since Wed, May 13, 2015
How do I log in to the International Travel Registry?
Viewed 1157 times since Thu, Jun 11, 2015
Accounts: How do I request that someone’s IT accounts be disabled?
Viewed 519 times since Mon, Mar 7, 2016
ID Look-up Tool FAQ
Viewed 1702 times since Tue, May 12, 2015
Document Imaging/Xtender Account FAQ
Viewed 1346 times since Tue, May 12, 2015
Account Deactivation Information
Viewed 1727 times since Mon, May 11, 2015