Skip to main content

It’s time to update your university password

These secure measures are essential defences against cyberattacks
September 17, 2020
By Sylvie Babarik

Image of a hand holding a black iphone. Photo by NeONBRAND on Unsplash

Secure passwords are one of your best defences again cybersecurity attacks. They are also essential protection for personal and researcher data stored within Concordia systems. As a result, each and every university member must choose a strong password that meets basic criteria, and must update it regularly.

“Updating and strengthening your password is good cyberhygiene. It significantly reduces the risk of hackers getting hold of your information and network privileges,” says Alex Aragona, executive director of application portfolio management and chief information security officer for Instructional and Information Technology Services (IITS).

Even more important than the age of your password is its compliance with basic criteria. For example, Concordia passwords must:

  • Be 12 to 16 characters in length
  • Include at least one lower case letter
  • Include at least one upper case letter
  • Include at least one number
  • Include at least one special character, such as !, @, #, $ or *

“Anyone who has joined the university in the last few years had to comply with these basics. What we want to ensure is that passwords are updated to meet security standards,” Aragona explains.

For example, avoid using phone numbers, birthdates, names of people or places or other words found in the dictionary.

“Hackers often have software that helps them guess passwords. For that reason, never include elements of your netname. Also, avoid using words such as ‘password,’ ‘Concordia’ or sequences like 123456. Choosing simple passwords makes you an easier target.”

Update your password now!

IITS recommends that people change their passwords every six months. However, because of the increase in cybersecurity threats since spring 2020, they ask that every Concordia student, faculty and staff member update their password before the end of September.

To undertake an update, go to the MyConcordia portal and select Computer Accounts and Passwords. If you have saved your password to an email client on your mobile device, you will also need to update those when they prompt you to do so.

Other password safety measures include:

  • Keep your password secret. Do not share it, and do not write it down where it can be seen by others.
  • Associate your new password with a related phrase. That is usually more secure than writing a password down.
  • Select “no” if an application prompts you to save your password. Anyone with access to your computer could log in to an account as you.
  • Use a password for your Concordia accounts that is different from other accounts like your online banking or social media platforms. It is best to choose a different password for each account.

For more information on password security, visit the
IT Security page about protecting your identity.

If you need help with your Concordia accounts, please email

Back to top

© Concordia University