It’s time to update your password

Secure passwords are one of your best defences against cybersecurity attacks. They are also essential protection for personal and researcher data stored within Concordia systems. As a result, each and every student, faculty and staff member must choose a strong password that meets basic criteria, and must update it regularly.

“Updating and strengthening your password is good cyberhygiene. It significantly reduces the risk of hackers getting hold of your information and network privileges,” says Alex Aragona, executive director of application portfolio management and chief information security officer for Instructional and Information Technology Services (IITS).

IITS recommends that people change their passwords every six months. However, because of the increase in cybersecurity threats since last spring, IITS asks every Concordia student, faculty and staff member to update your password immediately if they have not done so in the past six months.

Update your password now

To update, go to the MyConcordia portal and select Computer Accounts and Passwords. If you have saved your password to an email clients on your mobile or other devices, you will also need to update those when they prompt you to do so.

All Concordia passwords must comply with some basic criteria:

• Be 12 to 16 characters in length
• Include at least one lowercase letter
• Include at least one uppercase letter
• Include at least one number
• Include at least one special character, such as !, @, #, $ or *

Importantly, avoid using phone numbers, birthdates, names of people or places or other words found in the dictionary.

“Hackers often have software that helps them guess passwords,” Aragona says. “For that reason, never include elements of your netname. Also, avoid using words such as ‘password,’ ‘Concordia’ or sequences like 123456. Choosing simple passwords makes you an easier target.”

Other password safety measures include the following:

• Keep your password secret. Do not share it, and do not write it down where it can be seen by others.
• Associate your new password with a related phrase. That is usually more secure than writing a password down.
• Select “no” if an application prompts you to save your password. Otherwise, anyone with access to your computer could log in to your accounts.
• Use a password for your Concordia accounts that is different from other accounts like your online banking or social media platforms. It is best to choose a different password for each account.

For more information on password security, visit the IT Security page about protecting your identity.

If you need help with your Concordia accounts, please email help@concordia.ca.