​Password Selection and Security Guidelines​

​General guidelines:

• Passwords MUST always remain confidential.
• Passwords must NEVER be written down or shared with anyone (neither co-workers nor superiors or technical staff).
• Passwords used in information systems of the University of Maribor MUST NOT BE USED in other information systems (e.g. online banking, other e-mail systems, such as Gmail, social networking sites, such as Facebook).
• Passwords must be changed on a regular basis (recommended password validity on servers: 1 year).
• The "remember password" feature in browsers must be disabled.

When changing passwords, please make sure that you have changed (saved) all passwords on all devices and in all systems (e.g. eduroam on mobile devices). Otherwise, access will be denied if you try to log in with your old password.

Recommendations:

• The new password should not contain more than three of the same letters of the existing password.
• Passwords should be at least 15 characters long (a combination of at least one lowercase and one uppercase letter and at least one number (between 0 and 9) and symbol (e.g. $ or @).
• Passwords should not contain a dictionary word, your username (or one of its part) or the name of your department.

If you believe that working with information systems of the University of Maribor in accordance with the above mentioned guidelines is impossible, please inform your superior or the University's Computer Centre. Together we will find an appropriate solution.