To ensure the security of personal data and university resources, the Division of Information Technology has updated account creation and management processes and has implemented new password complexity rules that began on January 29th. This change goes into effect for each user during their next password reset cycle (required annually). In combination with 2-Factor Authentication, the new passphrase requirement has further extended security.

So why is a passphrase better than a password? For starters, passphrases are typically easier to remember than an artificially complicated collection of symbols and letters (like ‘P@55w0rd’). Each additional character added to a password dramatically increases the difficulty of cracking that password – that’s why our best advice is to make your passphrase 20 characters or longer (to a maximum of 64 characters). With passphrases you can use spaces, most punctuation, and upper or lower cases, or even a little-known line from your favorite book or song. It still might be a good idea to stay away from ‘Hokie Football is #1’ or other predictable phrases.

All users also have the option to set VT Username (PID) and Hokies (O365/Microsoft) passphrases the same, making it possible to have just one passphrase to access most of your university computing resources.

This change was part of a larger effort to streamline the processes involved in the creation and management of online accounts. For complete info, visit:

Passphrases > passwords Length is better than symbols Use four or more words Spaces are allowed Minimum of 12 characters Consider using a password manager See for details Sample passphrases: Lily Lavender Emmeline Hermione The Dawgs play on Saturday. Hhcc1rejoice Toget#erforever Be a rainbow in someone’s cloud.

Virginia Tech Passphrase Rules