Password Requirements and Recommendations

CISER encourages the use of passphrases, as well as the use of a secure password management tool. Cornell University provides LastPass free for use to all Cornell faculty, students, and staff.

  • Password Requirements more...
    1. Passwords must contain at least three (3) of the following characteristics:
      • contain at least one lowercase character
      • contain at least one number
      • contain at least one special character
      • contain at least one uppercase character
    2. Passwords cannot contain the following characteristics:
      • permutation of your first name, last name, or username
      • match your last twenty-five (25) passwords
    3. Passwords may contain blank spaces.
  • Password Recommendations more...
    • To help prevent identity theft, personal or fiscally useful information such as Social Security or credit card numbers must never be used as a user ID or a password.
    • All passwords are to be treated as sensitive information and should therefore never be shared, written down or stored on-line unless adequately secured. Doing so, will put you in violation of both Cornell’s Abuse of Computers and Network Systems, and CISER’s System Usage Policy.
    • Passwords should not be inserted into email messages or other forms of electronic communication.
    • The same password should not be used for access needs to any other account (e.g. bank accounts, email, university accounts, etc.)
    • If a password is suspected to have been compromised, it should be changed immediately and the incident reported to CISER systems administration (

If your forgot your password, or otherwise need to change it, please follow the directions below: