Create Strong Passwords
Successful cyberattacks often start with a hacker using an automated system to rapidly “crack” passwords. Your password strength can be the difference between a successful or unsuccessful attack against UT Southwestern or your personal account.
UT Southwestern uses multifactor authentication as an additional layer of protection against password compromises to prevent unauthorized users from gaining access to your account.
Use Longer Passwords
Longer passwords are exponentially harder to crack. UT Southwestern requires passwords with a minimum of 10 characters or more, but the more characters used, the more secure we will be, as shown in the Password Vulnerability Statistics table below.
Password Vulnerability Statistics
|Number of Characters||Numbers Only||Lowercase Letters||Upper & Lowercase Letters||Numbers, Upper & Lowercase Letters||Numbers, Upper & Lowercase Letters, Symbols|
|6||Instantly||Instantly||Instantly||1 second||5 seconds|
|8||Instantly||5 seconds||22 minutes||1 hour||8 hours|
|10||Instantly||58 minutes||1 month||7 months||5 years|
|12||25 seconds||3 weeks||300 years||2K years||34K years|
|14||41 minutes||51 years||800K years||9M years||200M years|
|16||2 days||34K years||2B years||37B years||1TN years|
|18||9 months||23M years||6TN years||100TN years||7QD years|
|Data Source: Hive Systems|
Additional UTSW Security Controls
UT Southwestern uses additional security controls for password protection such as internal weak password cracking and resets, multifactor authentication, and compromised credential monitoring.
Password Tips and Basics
- Keep It Unique to UTSW
Do not use your UT Southwestern password for any other online services.
- The Longer the Better
Your secret password trick probably isn’t very clever. Consider using a long passphrase containing uppercase and lowercase letters, numbers, and symbols instead of a password.
- Build a Passphrase
An easy way to build a passphrase is to use four or more words together to create the phrase. Passphrases provide a good way to compose strong, lengthy passwords that are easier to remember, type, and are naturally complex.
- If Compromised, Change Immediately
Always change your password after any suspected password compromise (e.g., a computer virus, a successful phishing attempt, etc.)
- No Sharing
Sharing user IDs or passwords is strictly forbidden.
Related Terms & Definitions
- Multifactor Authentication
- An authentication method that uses two or more credentials to validate a user’s identity, rather than relying on just a simple username and password combination. If the password becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the system.
- Malicious emails designed to gain access to systems by stealing system credentials or to reveal sensitive data such as financial and healthcare records.
Questions about security awareness?
Office of Information Security