Strong and Secure Account Passwords
Passwords are the first line of cybersecurity defense on all Northeastern University online accounts. They help secure both personal and institutional data and information, in combination with two-factor authentication.
Northeastern Password Requirements
To better protect both the university community and the institution, Northeastern works continuously to increase account security. This includes introducing new password complexity requirements, password expirations, and enhanced support and resources for all account holders.
Passwords must contain:
Change your Northeastern password at least once a year. 14 days before passwords expires, you’ll start seeing password change reminders after logging in with your current password. Northeastern will never request details of your password or account by email at any anytime. If you receive an email asking you to enter or update your password, it’s a scam and should be reported or forwarded to email@example.com.
Other Important Password-Related Guidelines
- Your account is your responsibility. Don’t share your password with others, including assistants or technicians. ITS staff will never ask for your password.
- Don’t choose a password that’s based on personal information. Someone who knows you may be able to guess, or bad actors could find it online.
- Don’t use your Northeastern username and password for access to third-party systems (e.g., online shopping, newspapers, travel websites).
- Use a unique password for your Northeastern account, which is not used for other services.
- Avoid letting software save or store your passwords. Not only will you increase the chance that someone will be able to access data on your computer or personal information, but you’ll be more likely to forget the password if you don’t type it in regularly.
- Always log out of programs or websites and close your browser (i.e., Safari, Firefox, or Chrome) when you’re done working, especially on public computers.
- Protect your passwords and treat them as valuables. Avoid writing them down or leaving them around computer, keyboard, or monitor.
- Longer passwords (or “passphrases”) can be formed using a phrase or sentence. They’re easy for you to remember, but difficult for others to guess.
- A short phrase or sentence is often easier to remember. Use special characters to break up phrases, but not at the end of sentences or in other usual ways.
- Use the available password generator feature.
Two-Factor Authentication (2FA)
2FA is an additional resource used to help protect the Northeastern community by securing accounts with two layers of authentication. The first layer is a PIN number or password, and the second is something that you physically have, such as a device.
2FA, like most tools, is only as strong as you make it. Be sure to choose a strong password for your first layer of security within 2FA and adhere to requirements to update that password annually.