Changes to Password Requirements

Passphrases > passwords Length is better than symbols Use four or more words Spaces are allowed Minimum of 12 characters Consider using a password manager See www.it.vt.edu/accounts for details Sample passphrases: Lily Lavender Emmeline Hermione The Dawgs play on Saturday. Hhcc1rejoice Toget#erforever Be a rainbow in someone’s cloud.

New password complexity rules were implemented on January 29, 2018 to increase security for all accounts using the VT Username identifier (including PID, Hokies, and Google) making passwords easier to remember.

The Network Password (for eduroam WiFi and VPN access) is also now administered via a different system.

The new rules for VT Username (PID, Google, and Hokies) Passphrases:

At least 12 characters.
A maximum of 64 characters.
Shorter passphrases (12-19 characters) must include mixed case letters plus either a numeral or a special character that can be typed on a standard US keyboard.
Longer passphrases (20+ characters) offer more freedom – you can use spaces and any combination of characters, cases, and symbols. Sentences and memorable phrases are allowed.
Millions of passphrases are unavailable, based on the VT IT Security Office dictionary of previously hacked passwords.
Can’t be the same as any of your last five passwords.
Can’t contain your VT Username forward or backward.
Can’t contain sequences of 5 or more ordered characters (for example: abcde, qwert, 12345, aaaaa, 11111).

New rules for Banner/Oracle Passwords are coming soon:

Just like the rules for VT Username passphrases, except
- " $ % & ( ) / ; < > @ ` { | } <space> and unicode are invalid for Oracle and Banner passphrases. This leaves ! # ' * + , - . : = ? [ \ ] ^ _ ~ as valid symbols.
- Oracle and Banner passwords have a maximum length of 30 characters.