Guidelines for Setting and Protecting Your Password

Secure passwords are a critical part of protecting email and confidential information. All students, faculty and staff are required to change their account on a prescribed schedule. Users enrolled in Appalachian State's Duo two-factor authentication solution are allowed to keep their password for 365 days. Privileged users who are not enrolled in Duo must change their password every 90 days. All other users will be required to change their password after 180 days.

System Requirements:

  • The account password must be at least eight (8) characters in length with a maximum of twelve (12) characters.
  • Use a combination of letters and numbers, a least one numerical value is required.

Selecting Passwords:

  • Choose passwords that are easy to remember but are difficult for an attacker to guess.
  • Never set a password that is derived from your username or legal name.
  • Avoid using dictionary words, including foreign language, slang, jargon and proper names.
  • Do not use passwords that contain common words or phrases associated with Appalachian.

Guidelines for Protecting Passwords:

  • Treat all passwords as confidential data.
  • Do not include secure passwords in any unprotected electronic communication.
  • Secure passwords should not be shared or used to access non university accounts or systems.
  • Do not write down your password or share it with another user.