Your University account password (formerly Raven) provides access to University data, including confidential and valuable information. It is essential to keep it secret and keep it safe.
Your University account password protects your accounts and is used to grant you the appropriate access privileges to many University systems and storage. It's therefore very powerful: if someone manages to get your password and compromises your University account, they'll have access to everything you have access to.
Users must have a strong password for University information services and must not use the same password for any services external to the University, according to the University's Acceptable Use Policy.
Choose a strong and unique password
- Make your password as long as possible. Use at least 16 characters.
- Use a phrase of unconnected words separated by another character, such as Tango-Teakettle-Barbecue, which is easy to remember but difficult to crack. An online passphrase generator can be a useful source of ideas.
- Avoid passwords that contain personal information such as birthdays, addresses, phone numbers or names of friends and family members (including your pets).
- Don't assume that using a language other than English means you can have a simpler passphrase. Hackers are global and translation is easy.
- Make sure your password is not on this list of passwords that have been exposed in data breaches. If it is, change it immediately.
- Don't use the same password on any other website or system either at the University – for example, to password-protect documents or spreadsheets – or on external sites such as your bank, Amazon or Netflix.
Keep your password safe
- Don't share your password with anyone else, and never give it out over the phone or in an email. No University IT service desk or member of IT staff will ever ask you for your University account password.
- Be discreet when typing in your password. Make sure nobody can see what you are typing.
- Set up password recovery, if you haven't already done so.
- Don't write down your password – for example, on a Post-it note. It is good practice to purchase and use a password manager, which will help you create and store strong passwords securely so you don't have to remember them or write them down. It will also remain with you even if you leave the University.
- Secure your personal or home devices with a password, PIN or biometric identifier (for example, thumbprint or face ID) if you use them to access University information services.
- Change your University password immediately if you think it's been cracked or your account compromised in some way. Make sure you update any mobile devices that use your account details at the same time, otherwise you might get locked out of your account if they cause a lot of invalid login attempts.