Skip to main content

Password Standard

Passwords are an integral component of any IT security program. Users must keep their passwords confidential and must not provide them to anyone, including supervisors or other administration and IT staff. In addition, users must not use their University password for non-University or third party systems. Unauthorized use of a password can result in loss or inappropriate disclosure of data, harm to IT resources, fines or other penalties, reputational damage, etc. If you suspect that your password has been compromised, you must change the password immediately and report the incident to your Information Security Officer.

General Password Length: minimum 8 characters, maximum 26 characters

Administrator Password Length: minimum 15 characters

Passwords must contain 3
of the following 4:
Lowercase Letters
Uppercase Letters

Special Characters
? . _ - ~ + = $ !

(note, some applications will not accept commas for special characters; therefore, we recommend selecting from one of the other examples provided)


Passwords cannot:

  • Contain any spaces.
  • Be the same as the prior password regardless of case.
  • Be a 5-character or longer word found in the dictionary.
  • Be the same as any part of their name or their user ID regardless of case.
  • Contain symbols other than the special characters specified above.
  • Contain campus-related terms such as tiger, Truman, Jesse. Each campus will provide words that will be prohibited under this category.

Reviewed 2022-03-01