As part of ongoing efforts to improve account security, Seton Hill University has established a new password complexity schema and procedure for password changes and setting security questions for all staff, faculty, and students beginning in December 2022.

Password resets, security questions, and the ability to unlock accounts are being migrated to a vendor-based system, Microsoft 365. With this system, you will be able to configure multiple ways to independently recover and access your account through secondary email, text message and security questions.  This is a tool that we currently have access to that will provide a modern interface to self service password management.  The Solution Center will no longer have access to your security questions or the ability to unlock your account. The power will be at your fingertips at any time of the day or night!

This approach aligns with current information security best practices and limits the added risk that a compromised account presents to the University. Update your security questions/answers and other recovery methods using the links below.

How To Links

Setting up Your Verification Methods

Resetting Your Password

Updating Security Questions

Unlocking Your Account

New Password Requirements:

• 12 or More Characters

• Uppercase Letter

• Lowercase Letter

• Number

• Symbol

So, how do you have a “strong” password that is easy to remember? While it may seem tough to do this, there are a few simple tips that can make it easy.

Note: the examples below illustrate just the concepts being discussed.  No single technique should be used on its own.

The combination of several will produce a strong password.

• Use a mix of alphabetical and numeric characters.

• Use a mixture of upper- and lowercase; passwords are case sensitive.

• Use symbols if the system allows (spaces shouldn’t be used as some applications may trim them away)

• Use a combination of letters and numbers, or a phrase like “many colors” using only the consonants, e.g., mnYc0l0rz or a misspelled phrase, e.g., 2HotPeetzas or ItzAGurl .

• Pick something obscure:

  • • an odd character in an otherwise familiar term, such as phnybon instead of funnybone;

    • a combination of two unrelated words like bigbird

    • An acronym for an easy to remember quote or phrase (see below)  

      a deliberately misspelled term, e.g., Wdn-G8 (Wooden Gate) or HersL00kn@U (Here’s looking at you).

• Replace a letter with another letter, symbol or combination, but don’t be too obvious about it.  Replacing o with 0 or a with 2 or i with 1 is something that hackers just expect.  It is definitely better than nothing, but replacing 0 with () would be stronger as it makes your password longer and is not as obvious

• An easily phonetically pronounceable nonsense word, e.g., RooB-Red or good-eits .

• Two words separated by a non-alphabetic, non-numeric, or punctuation character, e.g., PC%Kat or dog,~1#