Password Creation Standards
At UC Merced, the password associated with your UCMNetId must meet the following criteria:
- At least one capital letter
- At least one numeric number
- At least one special character
- At least 12 characters in length
- Last 5 used passwords cannot be reused
Passwords should NOT:
- Be a word found in the dictionary, whether spelled forwards or backwards, or a word preceded or followed by a digit (e.g., secret1)
- Include User Name or Login Name
- Include personal information, names of family, places, pets, birthdays, address, hobbies, etc.
- Contain keyboard sequences, such as “qwerty89” or “a b c 1 2 3”
Password Security Standards
- Passwords must be treated as confidential UC Merced information.
- Sharing passwords is a serious breach of UC Merced policy and may result in disciplinary action. Never share your password with anyone else for any reason. (This includes co-workers, supervisors, and even IT Staff!)
- Do not write your passwords down – If you have to write something to help you remember a password, use a hint that others won’t be able to decipher, and store it securely.
- Do not let your applications or browser remember passwords that provide access to restricted systems or data.
- Change initial passwords, password resets, and default passwords the first time you log in. These passwords can be vulnerable to guessing or to automated programs hackers employ to break into systems.