New password complexity rules were implemented on January 29, 2018 to increase security for all accounts using the VT Username (PID) identifier (including Hokies, Google, and Oracle/Banner services) making passwords easier to remember.
The Network Password (for eduroam WiFi and VPN access) is also now administered via a different system.
The new rules for VT Username (PID), Google, and Hokies Passphrases:
- At least 12 characters.
- A maximum of 64 characters.
- Shorter passphrases (12-19 characters) must include mixed case letters plus either a numeral or a special character.
- Longer passphrases (20+ characters) offer more freedom – you can use spaces and any combination of characters, cases, and symbols. Sentences and memorable phrases are allowed.
- Some passphrases are unavailable, based on the VT IT Security Office dictionary of previously hacked passwords.
- Can’t be the same as any of your last five passwords.
- Can’t contain your VT Username forward or backward.
- Can’t contain sequences of 5 or more ordered characters (for example: abcde, qwert, 12345, aaaaa, 11111).
The new rules for Oracle/Banner Passphrases:
- Just like the rules for VT Username passphrases, except
- / @ $ [space] " a few other characters and unicode are invalid for Oracle passphrases.