Computer Laboratory

Password Complexity

User passwords must meet the following requirements:

  1. The password is at least eigth characters long.
  2. The password contains characters from at least three of the following five categories:
    1. English uppercase characters (A-Z)
    2. English lowercase characters (a-z)
    3. Base 10 digits (0-9)
    4. Non-alphanumeric (@,%,+,\,/,',`,!,#,$,^,?,:..,(,),{,},[,],~,-,_)
    5. Unicode characters (use of these is not recommended)
  3. The password does not contain three or more sequential characters from the user's account name.

These complexity requirements are enforced upon password change or the creation of new passwords. The password you are issued with at the time the account was created or when you request a reset at reception will conform to these requirements. We recommend that you choose a longer password rather than just using the minimum length necessary

Attempts to change the password to something which does not conform to these requirements is signalled clearly under Windows but the exact cause of the failure is not stated. Linux users will be presented with the more cryptic string "Authentication token manipulation error" if the new password fails to meet the complexity requirements.