Strong and Secure NetID Passwords

Your NetID, authenticated by your password, permits you to access electronic services that are restricted to the Cornell community. Besides checking e-mail, you can update your directory listing, sign up for courses, search library databases, review your grades or employee benefits, look for student jobs, download new versions of Cornell-licensed software, and more.

Choose a Strong Password

• Choose at least 8 characters, including at least three of the following four character types:
  1. Uppercase letters
  2. Lowercase letters
  3. Numbers
  4. Symbols found on your keyboard, such as ! * - () : | / ?
  
  ...including blank spaces

• Avoid words found in the dictionary, including recognized names such as "Cornell."
• Stay away from names or nicknames of people, pets, or places, or personal information that can be easily found out, such as your address, birthday, or hobbies.

• Don't embed your NetID in your password.

• Don't include any of these:
  • Repeated characters, such as AAA or 555;
  • Alphabetic sequences, such as abc or CBA;
  • Numeric sequences, such as 123 or 321;
  • Common keyboard sequences, such as Qwerty or pas.

• Use Cornell's password strength checker to see if the password you'd like to use is a good one.

Password Tips

Your password should be easy for you to remember, but difficult for anyone else to guess.

• Invent your own secret password, like this: s3cReT pAs5w*rD. Don't bother with simple substitutions, such as replacing the letter O with the number zero. Get creative with mixing numbers, symbols, and uppercase letters in your own way.

• Or try a passphrase: a line from a favorite song, poem, or speech; the punchline of a joke; a bumper sticker or sports chant. Take the first letter of each word and keep the punctuation, or pick one or two letters or symbols to represent each word, then mix in punctuation and numbers that are meaningful to you.

• For example, the password fa18C's68w mixes the first letter of each word in the song title "Far Above Cayuga's Waters" with the year Cornell opened.

  Think how many passwords you could derive from the first words of the Gettysburg Address, "Fourscore and seven years ago": 4*20+7ya or 4sc&7yrsAgo or 87yr.aGo...

  The last line of Milton's sonnet On His Blindness, "They also serve who only stand and wait," could become 14tasWos&w.

• Don't use any of the example passwords shown here.

Set Your Security Questions

• Visit the Manage Your NetID page to set up a way for yourself to reset your password via the web, in case you ever forget your password. All you need to do is select three different questions and enter your answers. That way, if you have trouble with your password and can answer the three questions you selected earlier, you will be authorized to set a new password without having to know the existing password.

Keep Your Password Secure

• Don't write your password down or store it on your computer.

• Keep your NetID password different from any other password, so your Cornell information will still be protected even if your other passwords are stolen.

• Change your password regularly. See the web page on how to change your password.

• Always change your password immediately if you suspect that someone else might have guessed it.

Trouble with Your Password? Get help at the CIT Contact Center (HelpDesk), 255-8990 or helpdesk@cornell.edu.

• A common problem: Check the "Caps Lock" indicator on your keyboard before typing your password; if the "Caps Lock" key has been pressed, your password might not be recognized. Uppercase and lowercase letters need to be typed exactly the same way every time you use the password.

Forgot Your Password? Passwords are kept in an encrypted database, and cannot be looked up by anyone. If you set your security questions in advance, you can go to the Manage Your NetID web page to reset your password.

If you did not set your security questions, you will need to go to the CIT Contact Center (HelpDesk) in person to have your password reset. Be sure to bring your Cornell ID card. As soon as you have reset your password, be sure to go to the Manage Your NetID web page to set your security questions.

If you cannot go to the Contact Center in person, send the request by mail or fax. Be sure to include a photocopy of your Cornell ID card with your request. Your NetID and an activation code to set your password will be mailed back to you within five (5) business days. Your NetID and activation code cannot be sent by e-mail, telephone, or fax machine. As soon as you have reset your password, be sure to go to the Manage Your NetID web page to set your security questions.

See also Frequently Asked Questions about Network IDs