Password at NMBU

OBS: New password-requirements from the 26.10.2020. See details below.

A password protects your personal information and identity from misuse. Therefore, you must not share it with anyone. The IT department will never ask you for your password, we have the necessary tools to perform our work without asking for your password. Never share your password with anyone, neither by e-mail, telephone, or in any other way.

Password security

  • Do not share your password with anyone.
    The password is only yours and it is your security against misuse of your digital identity.
  • Do not write down your password.
    Prevent others form acquiring your password.
  • Do not send passwords by e-mail.
    All requests for password via e-mail can be regarded as an attempt to defraud you.
  • Do not use NMBU password for login on other (private) systems.
    Not all systems which require login, have sufficient security procedures when sending or storing passwords. Especially passwords sent over the Internet can be collected by third parties. Internet addresses with https instead of just http at the start means that information is encrypted and is thus safer.
  • Public computers must be regarded as uncertain.
    PCs in Internet cafés, kiosk solutions, airports, etc.  should only be used for general surfing. Avoid the use of sensitive information such machines, passwords, banking and person sensitive solutions.
  • Wireless networks without encryption must be regarded as uncertain.
    Pay attention when using wireless networks without encryption.
  • Use different passwords with different services.
    Never use the same password with different serviceproviders.

Create a strong password

A good password should be difficult to guess or recreate for others. Today there are many different techniques to guess or recreate a password. Therefore, your password should be well prepared to withstand these techniques. The most important properties of a password are length and complexity:

  • Length: Use at least 10 characters in the password. Longer passwords can be advantageously used.
  • Complexity: “Ski37$kole” is more complex than “ski37skole”

A password must, in addition to be at least 10 characters long and contain at least 5 different characters, meet three of the following four characteristics:

  • Lowercase : abcde …
  • Capitalization : ABCD ..
  • Numbers : 0123456789
  • Special characters:! # $ % & ( ) = ? + * – _ , . { } [ ]><
  • The following signs shall not be used:
    •   Special characters used in the program code: ; “‘ ` | \ /
    •  Language-specific signs such as: æ ø to Æ Ø Å

If the password is longer than 10 characters, 2 out of 4 characteristics might suffice.

We now support pass-phrases! To qualify as a pass-phrase the phrase must contain at least 16 characters, and at least 2 out of 4 of the characteristics above. This can be solved by using small letters and in addition either spaces, hyphens, or capital letters. The advantages by using a pass-phrase is that regular words can be used, and therefore the pass-phrase will be both easier to reamember, and easier to type.

Tips for creating a password you remember

Use a pass-phrase:

Use a whole phrase with more than 16 characters. The phrase must contain at least a special character, a number or a capital character in addition to normal characters. This can be solved by using spaces or hyphens between the woords, or some capital letters. You can also increase the complexity by changing the order on the words in the phrase. Here are some examples:

  • i-took-a-trip-nice
  • It-is-dogs-raining

Passwords: Start with a word :

Start with a word as basis, and do some changes to make a valid password by:

  • Use uppercase and lowercase letters interchangeably
  • Add some numbers in your password
  • Add some special characters

Avoid language specific characters that you can risk not having access to at login
Example: For example, the word “skisko”. Then do as the following :

  • Use capital letters interchangeably (SkIsKo)
  • Add some numbers in the password (SkI37sKo)
  • Add some special characters (SkI!37sKo_)

Passwords: Start with a sentence

If you use the first letter of each word in a phrase, song, poem, etc. you get the a long password. If you do the following :

  • Use capital letters interchangeably
  • Add or replace some letters with numbers
  • Add or replace some characters with special characters

Then you have a valid password.

Example: One of the sentences in Peer Gynt gives the following letter series “ojhehlssdj”. To get a valid password, you can do the following:

  • Use some uppercase and get: ojhehLssdJ
  • Replace some letters with numbers : 0jh3hLssdJ
  • Replace some characters with character : 0jh3hL$$dJ

Some artistic possibilities

  • Do you play the piano? Imagine a keyboard row of keys as white and a another as black. Play a few chords. Shift can be pedal to get the capital letters.
  • Organ? The upper and lower manuals covering the entire keyboard.
  • Good at dancing? Let your fingers dance a pattern on the keyboard.
  • Imagine a drawing or other form you can transfer to the keyboard.

Add some numbers, special characters and capital letters in a way you can remember.

NB ! Example passwords of must never be used, nor password similar to these.

How to change password

Go to How to change password