Help with Passwords

Password Hints

The VMS system allows you to include numeric digits in your password and the question mark and underscore. This allows you more variety in creating your password, which can help make your password more difficult for an intruder to guess.

Make sure your password is at least six characters long. But, do not use all the same letter or number (e.g., AAAAA or 11111), all numbers, common sequences (e.g., ABCDEF, QWERTY, 12345, or 54321), or any word found in a dictionary (any language!). Instead, make up a nonsense word or phrase, taking advantage of the ability to use mIxeD cASe, numbers, and punctuation symbols. Do not use any variation of your name, family names, or other personal information such as birthdays, phone numbers, license numbers, or social security number as a password; these are too easy for others to guess.

The goal is to create a password that you can remember, but that others won't be able to guess.

The system stores your password in a mathematically scrambled, or encrypted, form to try to protect it from the bad guys. Even if you use a plain old English word from the dictionary as your password, the computer will store it in an encrypted form that might look something like "UsjiVP8Kzgoa." The problem is that the bad guys have plenty of time and fast computers. So, if they knew your password encrypts to "UsjiVP8Kzgoa" they might just take the whole dictionary and encrypt every single word in it. Then they’ll look through that whole list to see which dictionary word encrypts to "UsjiVP8Kzgoa" and once they find it they know which dictionary word you’ve used as your password.

So, instead of real words from the dictionary, make up a nonsense word.

Even adding digits or punctuation may not add to the security of your password unless you do it in a random way. Appending a dictionary word with a digit or punctuation mark is probably as insecure as the dictionary word alone. Instead, use digits and punctuation in surprising, creative ways.

Some experts recommend using misspelled words. But, again, you must be careful not to misspell your words in a predictable way. For example, all the bad guys are on to the trick of replacing the letter "l" with the digit one and the letter "o" with the digit zero.

Coming up with a good password takes some time and thought. Fortunately, many of our systems give you a few days warning before a password expires. Use this time to think of a good one and then make the change. If you wait until the last minute or select a password in haste it won't be as strong as it could be. Remember, your password is one of the last lines of defense against bad guys at keyboards all over the world!

I Tried to Remember, But I Forgot!

You've come up with a password that you think is wonderful and not vulnerable to others. But...you forgot it! What can you do now? Faculty and Staff can email the System Manager, who will set you up with a new temporary password.

To reset your Jenzabar PX password, you must have access to the system prompt ($). Not all users have this authorization.

$SET PASSWORD