New password complexity rules were implemented on January 29, 2018 to increase security for all accounts using the VT Username (PID) identifier (including Hokies, Google, and Oracle/Banner services) making passwords easier to remember.

The Network Password (for eduroam WiFi and VPN access) is also now administered via a different system.

The new rules for VT Username (PID), Google, and Hokies Passphrases:

  • At least 12 characters.
  • A maximum of 64 characters.
  • Shorter passphrases (12-19 characters) must include mixed case letters plus either a numeral or a special character.
  • Longer passphrases (20+ characters) offer more freedom – you can use spaces and any combination of characters, cases, and symbols. Sentences and memorable phrases are allowed.
  • Some passphrases are unavailable, based on the VT IT Security Office dictionary of previously hacked passwords.
  • Can’t be the same as any of your last five passwords.
  • Can’t contain your VT Username forward or backward.
  • Can’t contain sequences of 5 or more ordered characters (for example: abcde, qwert, 12345, aaaaa, 11111).

The new rules for Oracle/Banner Passphrases:

  • Just like the rules for VT Username passphrases, except
    • /  @  $  and " (and a few other characters) are invalid for Oracle passphrases.
The following are all passphrases that are valid under the university's new password rules:
Lily Lavender Emmeline Hermione
The Dawgs play on Saturday
Hhcc1rejoice
Toget#erforever
Be a rainbow in someone's cloud