Password Best Practices 

Creating a strong password is key to protecting your personal information at LSUE. In general, the longer and more diverse a password is, the more difficult it will be for an attacker to crack it.  LSUE Bengal Account passwords expire and must be changed every 180 days.

OIT recommends several best practices to help strengthen your credential for your LSUE accounts, in addition to other accounts a user may own:

• Use at least 8 characters and ideally a minimum of 14:
  • In general, the longer the password, the harder it will be for an attacker to guess.
• Use a variety of characters:
  • Use at least 3 types of characters including numbers, upper case letters, lower case letters, and/or special characters (e.g @, #, $, %)
• Never use part of your name:
  
  • Passwords should not contain part of your name.
• Never re-use passwords:
  
  • Do not use passwords repetitively swaping back-and-forth between previously used values.
• Create a passphrase:
  • Passphrases are phrases that you can easily remember and can also be translated into characters. For example, the phrase “I saw Mike the Tiger at LSU in 2006” can be translated to “iSmtT@LsUi2006”.
• Never share with others:
  • Anyone with access to your password has access to your personal information, and therefore can impersonate you online. This includes being able to alter your financial information, make purchases, send emails addressed as you, etc.
• Use different passwords for different accounts:
  • If the same password is used across multiple applications and an attacker manages to get access to your password, they can then compromise all of your accounts with that one password. Using different passwords for different applications ensures that all of your accounts won’t be compromised if one of your passwords is cracked.
• Change your password periodically:
  • Changing a password periodically allows for less time for attackers to obtain a particular password.