About your IU passphrase
Important: If you have not changed your passphrase in two years, IU requires that you do so. If you do not, your passphrase will expire and you will be unable to log into most IU services. See Why is my IU passphrase expiring?
On this page:
Passwords and passphrases
Passwords are short sequences of letters, numbers, and symbols that you enter to verify your identity to a system in order to access secure data or other resources. Passphrases operate on the same principle and are used in the same way, but differ from traditional passwords in two aspects:
- Passphrases are generally longer than passwords. While
passwords can frequently be as short as six or even four characters,
passphrases have larger minimum lengths and, in practice, typical
passphrases might be 20 or 30 characters long or longer. This
greater length provides more powerful security; it is far more
difficult for a cracker to break a 25-character passphrase than an
- The rules for valid passphrases differ from those for passwords. Systems that use shorter passwords often disallow actual words or names, which are notoriously insecure; instead, your password is usually an apparently random sequence of characters. The greater length of passphrases, by contrast, allows you to create an easily memorizable phrase rather than a cryptic series of letters, numbers, and symbols.
Passphrases at Indiana University
To keep your passphrase secure, you should change it every six months.
Your passphrase must:
- Contain at least 15 characters (127 characters is the maximum
- Use at least four unique characters; letters, numbers, and
symbols are allowed (except for the invalid symbols
Network ID passphrases are case-sensitive: The lowercase
cis different from the uppercase
C. Make sure that the
Caps Lockkey is not on when you create your passphrase, unless you intend to enter all uppercase letters.
- Use at least four words, with "word" defined as two or more
Words must be separated by one or more spaces or by valid symbols other than the underscore (
_); therefore, you can't use numbers, letters, underscores, or any invalid symbols to separate "words"; for example:
- This passphrase contains four "words", with a space, a dollar
$), and a dash (
-) functioning as separators, and therefore meets the requirements for a valid passphrase: little pink$houses-4unme
- This passphrase contains only three "words" separated by spaces, because the underscore and numbers do not function as separators. It therefore does not meet the requirements for a valid passphrase: HOAGY_car Michael plays123stardust
- This passphrase contains four "words", with a space, a dollar sign (
Your passphrase must not:
- Contain your name or Network ID username.
Use any of these invalid symbols:
- The "at" sign (
- The hash tag or number sign (
- The greater-than (
>) or less-than (
- The double quotation mark (
- The "at" sign (
- Be a common phrase; for example: to be or not to be april showers bring may flowers
- Be based on a predictable pattern, such as the alphabet or the layout of a standard keyboard.
Changing your passphrase
To change your Network ID passphrase, or to reset it if you have
forgotten it, go to one.iu.edu,
passphrase reset, and click the
Important: Before changing or resetting your passphrase, see What precautions should I take when changing my passphrase?
For other passphrase reset options, see At IU, if I have forgotten my Network ID passphrase, how can I reset it?
For more about passphrase security, see At IU, how can I keep my passphrase secure?