When you join LUMS, your first password will be given to you by IST.
However, you will be asked to reset it right after receiving it, and also periodically every 90 days. If you log into your LUMS computer or a computing lab PC using your LUMS account, you will be prompted to reset your password when it is close to expiry. If you ignore these reminders, your password will automatically expire, you will no longer be able to access LUMS services, your phone and computer will disconnect from the LUMS wireless network, and you will have to visit the IST Helpdesk to get it reset.
When you change or reset your LUMS password, you must follow the below rules or your password will not be changed or reset.
a) Minimum length of password has to be eight (8) characters
b) Passwords will be checked for the inclusion of at least 3 of the following 4 categories
- Upper-case alphabets (A-Z)
- Lower-case alphabets (a-z)
- Base 10 digits (0-9)
- Special characters (e.g. !, @, #, $, ^, &, etc.)
d) You cannot re-use any of your 5 most recently used passwords
e) A password cannot contain in entirety or a portion of the username
f) The account will be locked for 5 minutes after three unsuccessful attempts
Best practices advise that you:
- Don't choose a password that is a dictionary word (English or foreign)
- Don't choose a password that is the name of a family member, pet or friend, DoB, telephone etc
- Don't choose keyboard, word or number sequences as passwords (e.g. 12345678, qwerty, asdfg, aaaaa, etc.)
- Don't choose passwords that are hybrids of the above
- Don't choose passwords that are any of the above spelled backwards
- Don't choose passwords that are any of the above followed or preceded by a digit (e.g. 1password, password1, etc.)
- Don't share passwords with anyone
- Don't insert passwords in e-mails
- Don't write down passwords in easily accessible places
The following guidelines should be followed as well to protect your password from being compromised:
- Keep passwords confidential;
- Change passwords whenever there is any indication of possible system or password compromise;
- Select strong passwords with minimum length of 8 characters
- Change passwords at regular intervals or based on the number of accesses;
- Avoid re-using or cycling old passwords;
- Change temporary passwords at the first log-on;
- Not include passwords in any automated log-on process, e.g. stored in a macro or function key;
- Not use the same password for business and non-business purposes.
- Single sign-on should be used for all services only when it is ensured that a reasonable level of protection has been established for the storage of the password within each service, system or platform.
Moral of the story: take good care of your passwords and reset them on time!