Changing Your Password

    To change your Saint Mary's password (e-mail, network drives, Blackboard), visit http://www.saintmarys.edu/account, and click on the Change Password button to change your password. Follow the instructions provided.

    Phishing scams

    For information on phishing scams, please refer to these FAQs:

    Creating a Password

    Creating a secure password is very important, because unauthorized users are often able to steal accounts or gain access to a system by guessing passwords. People who try to gain unauthorized access to a computer or a specific account are called "crackers". If your account is compromised, because of either a bad password or other means, the cracker can not only remove or modify any of your files, but he/she can also attack other users on the system, or other systems on the network. They may also attempt to use information from your account to steal your identity (identity theft).

    Good passwords are difficult to create; care and thought should go into each one. Here are some guidelines for choosing passwords.

    Some examples of bad passwords are:

    • your login in any form (as-is, reversed, capitalized, doubled, etc)
    • any first or last name, regardless of ordering or capitalization
    • license plate numbers
    • phone numbers
    • social security numbers (in whole or part)
    • street, city, state or country names
    • any word found in a dictionary, English or other
    • cartoon characters
    • names of pets
    • names of children or family members

    Good passwords are usually pieces of several words, with odd capitalizations. A good password may include punctuation or other non-alphabetic characters. Using digits in unexpected locations can make a password better.

    Some examples for passwords (please do not use these examples for your own password):

      Bad password: goirish
      Better password: g01r1sh
      Good password: g01Ri8hP
      Best password: 1Ch33r4iRShFtBl!

    Why is goirish a bad password? Because it contains words that are easily found in a dictionary and is relatively easy to guess on our campus. "goirish" is in the top 4,000 most used passwords.*

    Why is g01r1sh better? Because it mixes up letters and numbers.

    Why is g01Ri8hSMC! a good password? Because it mixes up letters and numbers, and also has a combination of upper and lower case letters. It is a little harder for others to guess, but you still have a way of remembering it. Also, at first glance, the phrase it represents is not obvious. Still, it could use some help.

    Why is 1Ch33r4iRShFtBl!! the best example of a good password? By looking at it, it may appear meaningless. However, if you knew the phrase used to create and remember it, it can be easy for you to remember and difficult for others to guess. It also includes a symbol as well as a mix of uppercase letters, lowercase letters, and numbers. (I cheer for Irish football!)

    * goirish is in the top 3,980 most used passwords and can be cracked instantly as reported by https://www.security.org/how-secure-is-my-password/. (g01Ri8hSMC! would take about 400 years to crack, and 1Ch33r4iRShFtBl! would take about 93 trillion years to crack.)

    More Password Creation Tips

    • Use an actual password. Don't use passwords that people can easily guess. 123456 is the most commonly used password. Password is the fourth most common. abc123 is number 10. Qwerty is number 20. (Imperva, January 21, 2010**)

    • Longer is better. You should use at least eight characters for your password.

    • Use the shift key. With six characters, your password can have 308 million letter combinations. By adding capital letters to the mix, you go to 19 billion combinations. With eight characters and the shift key, you're up to 53 trillion combinations.

    • Use symbols. An eight character password with at least one lowercase letter, one uppercase letter, one numerical character, and one special character or punctuation mark gives slightly more than 6 quadrillion combinations.

    • Use a mnemonic. Think of a phrase that will help you remember a password that looks random. The phrase "I cheer for Irish football" could be turned into 1Ch33r4iRShFtBl! and a password like that can take 12 trillion years to crack by a desktop computer.

    • Use different passwords for different things. Don't use the same password for your e-mail account and Facebook, or e-mail and financial institutions.

    • "Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months." - Clifford Stoll.

    • Do not write your password on a Post-it note and place it on or near your computer.

    • Test the strength of your password at https://www.security.org/how-secure-is-my-password/.

      • ** Imperva Releases Detailed Analysis of 32 Million Breached Consumer Passwords: http://www.imperva.com/news/press/2010/01_21_imperva_releases_detailed_analysis_of_32_million_passwords.html

    Keeping Your Password Secure

    You should change your password as soon as you get an account, and then you should change it at least once a year, just to be sure it hasn't been discovered and is being used by anyone else. Don't write your password down - that makes it too easy for someone to discover it. You should choose a password that you can remember, but difficult for others to guess.

    To change your Saint Mary's password (e-mail, network drives, Blackboard), visit http://www.saintmarys.edu/account, and click on the Change Password button to change your password. Follow the instructions provided.

    To reset your Prism PIN, visit http://www.saintmarys.edu/prismreset and provide the information requested. A new Prism PIN will be sent to your Saint Mary's e-mail account.

    Don't tell anyone what your password is, under any circumstances. This includes friends, significant others, siblings, and parents. No one has any reason to know your password other than you! There are crackers who have been known to send mail that appears to be from the system administrator, asking you to change your password to something they give you. Don't ever do this! There is no legitimate reason for anyone to ask for your password. If you ever get mail like this, delete the message. If you do, for some reason, give out your password to someone, change it immediately!

    Print out a copy of the PDF available here to keep by your computer. Use the list to verify if a message is legitimate, and who to contact if you have questions about a message.

    To help keep your password secure, Information Technology will not honor any requests for password resets/changes made over the phone. To request that your e-mail password be reset:

    • Faculty and staff will need to visit the Helpdesk (B11 Cushwa-Leighton Library) with a government-issued photo ID card to have their network/e-mail password reset. We recommend calling ahead (574-284-4715) to make sure an Information Technology staff member is available to assist with the password reset before making a visit to the office.

    • Students will need to visit the ResNet Office (B11 Cushwa-Leighton Library) with a government-issued photo ID card to have their network/e-mail password reset. We recommend calling ahead (574-284-5319) to make sure an Information Technology staff member is available to assist with the password reset before making a visit to the office.

Last Modified July 31, 2022