Choose a Passwordget help

To protect your SFU account, your computing ID will require a fairly stringent password. To help with the design of your password, we've outlined some tips to ensure you're set up for success. 

At SFU, every student, staff, and faculty account can also take advantage of SFU's multi-factor authentication (SFU MFA) service. This single extra layer of protection can drastically enhance your account's security. 


Things to Avoid:

  • Any word in any dictionary (including foreign language dictionaries), or any prefix, suffix, etc. of such a word.
  • Any concatenation of two or more such words.
  • Any personal information. For example, your social insurance number, names of relatives, friends, significant others.
  • Avoid familiar phrases such as names of pets, car models, license plate numbers etc.
  • Don't use repeate passwords, suggested passwords or other passwords that you've seen written down.
  • Any sequence of adjacent keys on the keyboard. For example, "Qwerty".

Tips for Creating a Secured Password:

  • Contain a mix of upper-case and lower-case letters.
  • Contain punctuation characters and/or numerals. 
    • Note that colon (:) semicolon (;) asterisk (*) and plus (+) cannot be used.
  • Be as long as possible.
  • Be easy to remember. Mnemonics assist greatly in this process.

Some of these rules are enforced by the system when you choose a new password.

Examples of Secured Passwords:

1. Mnemonic Passwords

For instance, take the first letters and punctuation of the phrase, "Hail the Gophers, they're my heroes!" You end up with the password "HtG,tmh!". That's a good password that's also easy to remember.

2. Link Two Short, Misspelled Words

Another idea is to link two short, misspelled words with some other characters. For instance, the Big Ten conference becomes the password "Byg,Tyn!".

Why is Having a Good Password Important?

It protects you. If someone gains access into your account they may be able to obtain information about you to commit
identity fraud.

It protects the system. Most systems can be compromised once a hacker has gotten an account on the system.
The easiest way to get an illicit account is to exploit a weak password. Passwords are the first line of defense against hackers.