Strong and Secure Account Passwords
Passwords are the first line of cybersecurity defense on all Northeastern University online accounts. They help secure both personal and institutional data and information, in combination with two-factor authentication.
Northeastern Password Requirements
To better protect both the university community and the institution, Northeastern works continuously to increase account security. This includes introducing new password complexity requirements, password expirations, and enhanced support and resources for all account holders.
Passwords must contain:
- At least 15 characters
- 1 lowercase character
- 1 numeric character
- 1 special character (excluding backslash)
- 1 uppercase character
Passwords must NOT contain:
- Any of your last 5 passwords used
- Northeastern username, email address, or NUID
- Personally identifiable information (first or last names, birthdays, addresses, etc.)
- Simple phrases and combinations (e.g. password1234)
Change your Northeastern password at least once a year. 14 days before passwords expire, you’ll start seeing password change reminders after logging in with your current password. Northeastern will never request details of your password by email at any anytime. If you receive an email asking you to enter or update your password, it may be a scam and should be reported or forwarded to email@example.com.
Ready to update your password? Follow the links below for how to go about doing so.
Know your current password? Change your password.
Have a forgotten or expired password? Reset your password.
Important Password-Related Guidelines
- Your account is your responsibility. Don’t share your password with others, including assistants or technicians. ITS staff will never ask for your password.
- Don’t choose a password that’s based on personal information. Someone who knows you may be able to guess, or bad actors could find it online.
- Don’t use your Northeastern username and password for access to third-party systems (e.g., online shopping, newspapers, travel websites).
- Use a unique password for your Northeastern account, which is not used for other services.
- Avoid letting software save or store your passwords. Not only will you increase the chance that someone will be able to access data on your computer or personal information, but you’ll be more likely to forget the password if you don’t type it in regularly.
- Always log out of programs or websites and close your browser (i.e., Safari, Firefox, or Chrome) when you’re done working, especially on public computers.
- Protect your passwords and treat them as valuables. Avoid writing them down or leaving them around the computer, keyboard, or monitor.
- Longer passwords (or “passphrases”) can be formed using a phrase or sentence. They’re easy for you to remember, but difficult for others to guess.
- A short phrase or sentence is often easier to remember. Use special characters to break up phrases, but not at the end of sentences or in other usual ways.
- Use the available password generator feature.