ITS

Information Technology Services
Information Technology Services

Manage Your Password

Your NetID and password are used to gain access to online University services and resources. Your NetID will never change, but you should change your password often. A strong NetID password ensures that university resources are safe and your personal information is safe as well. You should never give your NetID and password to anyone else as doing so can expose both your personal and confidential information and that of the University. Remember that divulging your NetID password or other access control information for your accounts is a violation of the Queen's Electronic Information Security Policy Framework.

Queen’s is committed to keeping our users and resources secure; as a result, Information Technology Services has developed strengthened password procedures.

The following policies exists as an element of the Queen's University Electronic Information Security Policy Framework.

Strong passwords protect both personal and university information and prevent misuse of Queen's University resources.

  • Ten Character NetID passwords now required
    As of October 11, 2016 all new NetID password changes must adhere to the following standard:
    • Be a minimum of 10 characters
    • Contain at least one uppercase letter
    • Contain at least one lowercase letter
    • Contain at least one number
    • Contain at least one special character
  • You will be required to change your password at least once every 12 months.
    • You will be notified by the IDM system 30 days before your password will expire
  • Your new password must be different than your old password.  You cannot re-use the same password.

Note:  PeopleSoft users will still be required to change their passwords every 120 days and their password length must be at least 15 characters

If you know your current password and it has not expired you can change it yourself by going to the NetID Profile Manager.  See the Step-by-Step tutorial.

Forgot Your Password?  Use the Self Service Password Reset.

If you have forgotten your current password or it has expired you will be able to reset it yourself if:

  • You registered an alternate email address
    • If you register an alternate email address all password (and account) changes will be sent to your alternate email address as well as your Queen's email address. This is helpful in case someone gains access to your account and changes the password. You will be notified and you will be able to reset the password for the account. 
    • Go to the NetID Profile Manager and select Start password reset.
    • See the Self-Service Password Reset Tutorial for detailed instructions.
       
  • You created security question and answers
    • If you create security questions and answers you can answer the question to be able to reset your password. 
    • Go to the NetID Profile Manager and select Start password reset.
    • See the Self-Service Password Reset Tutorial for detailed instructions.

Forgot Your Password?  Have ITS Staff Reset your Password**

If you have not created your security questions or registered an alternative password, you can have your forgotten password reset in the following ways:

  • Students, faculty and staff have the following options:
    • Call the IT Support Centre at 613-533-6666 (off campus) or 36666 (on campus) for a password reset.
    • Bring a Student Card or Faculty/Staff Card, plus additional photo ID to the ITS Walk-in Desk  located in Mackintosh-Corry Hall, Rm B205
    • Hours of Operation 
  • Faculty and staff can also contact their ITAdmin Rep, who will submit a password reset request on their behalf.
  • Alumni can call the Alumni Contact Centre at 1.800.267.7837 (Monday to Friday: 8 a.m. - 5 p.m.), or email records@queensu.ca for assistance.

** Note that this service cannot be provided if you do not provide the proper identification.

When you change your NetID password, it will apply to all your NetID-based services. Your NetID password change will take effect immediately, however it will take anywhere from 5 minutes to 35 minutes for other services to be updated. Some of these services include:

  • Queen's email/webmail
  • Moodle / onQ
  • Portal (MyQueensU)
  • Queen's Wiki
  • QShare
  • Active Directory (AD)
  • WebPublish
  • Wireless Internet Conectivity (QueensuSecure_WPA2 and Eduroam)

If you use mobile devices to access some of these services, you may have to update your password for those devices at the same time.

There are also many department-specific applications that require the use of your NetID and password. These applications will also be affected.

Please visit the ITS website tutorials on Changing and Removing Stored Passwords for more information.

Note: Do not use these password examples - they have been published!

The best passwords are a completely random string of upper and lower case letters, numbers, and special symbols (#, @, $, !, etc). The trouble with this is that such passwords are very hard to remember and you will be tempted to write them down, which is not good practice. However, if you must write down a password, do not keep it with the corresponding NetID!

Acronyms and Pass Phrases:

  • Try putting together an acronym that is special to you. For example, "NotFsW" - none of this fancy stuff works, or "TTL*hiWw" - twinkle, twinkle little star, how I wonder what...
  • When you create a password for a site, you might think of a phrase you associate with the site and use an abbreviation or variation of that phrase as your password  - just don't use the actual words of the site.
  • If it's a long phrase, you can take the first letter of each word, and increase its strength by making some letters uppercase and swapping out some letters with numbers or symbols. As an example, the phrase for your banking website could be "How much money do I have?" and the password could be "#m$d1H4ve?"[from Google]

 

Strong Password Guidelines

  • Choose a minimum of 10 characters in length - yes it can be longer!
  • Use a combination of upper and lower case characters, numbers, and symbols.
  • Use different passwords for different accounts.
  • Memorize your password; however, if you must write it down, don't keep it with your NetID! And, put it in a secure place.
  • Don't use words that can be found in a dictionary of any language as your password.
  • When a site allows, register an alternate email address and security questions.  If you do forget your password you will be able to reset it.
  • Don't share your password with anyone!  Not even family.
  • Don't use someone's name (even spelled backward).
  • Don't use your birthdate.
  • Don't use your pet's name.
  • Don't use words spelled backwards.
  • Don't use words with numbers added only to the beginning or end.
  • Don't use words from different languages.
  • Don't use corrupted versions of a word by replacing certain letters with certain numbers, for example replacing an "e" with a "3" or an "o" with a "0".

Beware of Phishing Emails

Beware of any email that asks you to verify your NetID and password.  An increasing number of emails are being sent to Queen's University email addresses asking you to verify your NetID and password. These emails are hoaxes known as phishing attacks, and are fraudulent attempts to get you to reveal personal information.

No legitimate authority at Queen's will ever ask you to divulge your NetID password.

The following NetID practices are recommended by ITS:

  • Never give out your NetID and password.
  • Do not reply to any email asking you for this information, or click on links in such an email.
  • If you have replied, change your password immediately, and contact the IT Support Centre for assistance
  • Do not use your NetID and password as your login credentials for any online service that does not require them. This includes some Queen's services  as well as all non-Queen's applications (e.g. online banking, shopping).
  • Contact the IT Support Centre at 613.533.6666 during regular business hours or by filling out the online help form if you have any questions.

Visit the  Office 365 Security Features web page to find out about security measures being implemented by Queen's and Microsoft.

Last Updated: September 15, 2017