How do I create a secure password for my e-mail account, personal computer, bank account, or other purpose?
Changing Your Password
To change your Saint Mary's password (e-mail, network drives, Blackboard), visit http://www.saintmarys.edu/account, and click on the Change Password button to change your password. Follow the instructions provided.
Phishing scams
For information on phishing scams, please refer to these FAQs:
Creating a Password
Creating a secure password is very important, because unauthorized users are often able to steal accounts or gain access to a system by guessing passwords. People who try to gain unauthorized access to a computer or a specific account are called "crackers". If your account is compromised, because of either a bad password or other means, the cracker can not only remove or modify any of your files, but he/she can also attack other users on the system, or other systems on the network. They may also attempt to use information from your account to steal your identity (identity theft).
Good passwords are difficult to create; care and thought should go into each one. Here are some guidelines for choosing passwords.
Some examples of bad passwords are:
Good passwords are usually pieces of several words, with odd capitalizations. A good password may include punctuation or other non-alphabetic characters. Using digits in unexpected locations can make a password better.
Some examples for passwords (please do not use these examples for your own password):
Why is goirish a bad password? Because it contains words that are easily found in a dictionary and is relatively easy to guess on our campus. "goirish" is in the top 4,000 most used passwords.*
Why is g01r1sh better? Because it mixes up letters and numbers.
Why is g01Ri8hSMC! a good password? Because it mixes up letters and numbers, and also has a combination of upper and lower case letters. It is a little harder for others to guess, but you still have a way of remembering it. Also, at first glance, the phrase it represents is not obvious. Still, it could use some help.
Why is 1Ch33r4iRShFtBl!! the best example of a good password? By looking at it, it may appear meaningless. However, if you knew the phrase used to create and remember it, it can be easy for you to remember and difficult for others to guess. It also includes a symbol as well as a mix of uppercase letters, lowercase letters, and numbers. (I cheer for Irish football!)
* goirish is in the top 3,980 most used passwords and can be cracked instantly as reported by https://www.security.org/how-secure-is-my-password/. (g01Ri8hSMC! would take about 400 years to crack, and 1Ch33r4iRShFtBl! would take about 93 trillion years to crack.)More Password Creation Tips
** Imperva Releases Detailed Analysis of 32 Million Breached Consumer Passwords: http://www.imperva.com/news/press/2010/01_21_imperva_releases_detailed_analysis_of_32_million_passwords.html
Keeping Your Password Secure
You should change your password as soon as you get an account, and then you should change it at least once a year, just to be sure it hasn't been discovered and is being used by anyone else. Don't write your password down - that makes it too easy for someone to discover it. You should choose a password that you can remember, but difficult for others to guess.
To change your Saint Mary's password (e-mail, network drives, Blackboard), visit http://www.saintmarys.edu/account, and click on the Change Password button to change your password. Follow the instructions provided.
To reset your Prism PIN, visit http://www.saintmarys.edu/prismreset and provide the information requested. A new Prism PIN will be sent to your Saint Mary's e-mail account.
Don't tell anyone what your password is, under any circumstances. This includes friends, significant others, siblings, and parents. No one has any reason to know your password other than you! There are crackers who have been known to send mail that appears to be from the system administrator, asking you to change your password to something they give you. Don't ever do this! There is no legitimate reason for anyone to ask for your password. If you ever get mail like this, delete the message. If you do, for some reason, give out your password to someone, change it immediately!
Print out a copy of the PDF available here to keep by your computer. Use the list to verify if a message is legitimate, and who to contact if you have questions about a message.
To help keep your password secure, Information Technology will not honor any requests for password resets/changes made over the phone. To request that your e-mail password be reset:
Last Modified July 31, 2022