Information Security

Dansk

 Information Security Password

Passwords

RULE: Passwords and PIN codes

AU employees are issued with passwords for IT systems at AU as well as a key card with a PIN code that gives access to the parts of the university where they work.

Students are also issued with a password for part of the university's IT systems as well as a student ID card with a PIN code.

  • Passwords and PIN codes are personal, and must not be shared with others – even IT staff at AU.
  • Computers and mobile devices belonging to AU must have an automatic screen lock.

If you suspect that others may know your PIN codes or passwords, please report this to your local IT support team and then change the code.

IT support - staff

IT support - students

RULE: Requirements for passwords

  • A password must contain at least 12 characters. Longer passwords may be required for privileged access when accessing sensitive information or business-critical systems.
  • A password must contain combinations from at least three of the following categories: Upper case letters, lower case letters, numbers and special characters. Æ, Ø, Å cannot be used for AU's systems.
  • You may not reuse passwords for AU's systems, for example to access external websites and system accounts. 

TIP: Make strong passwords and remember them

  • A password must be strong. Make sure that it is not easy to guess your password.
  • A password should not contain personal information. Many people use birth dates, names, addresses and similar as passwords, but they are relatively easy to guess for people with sinister intentions.
  • You can create and remember a password based on a sentence or a passphrase, for example.

Password based on sentences

  • It is easier to remember a sentence than a random order of letters, numbers, special characters, etc. You can use this to create a password as a number of characters based on a sentence. For example, Lauritz has been rector of Aarhus University for more than four years. This sentence can be translated into the following password: LhbRoAU>4yrs.
  • Without the sentence, this password would probably be almost impossible to remember, but the sentence makes it very easy to remember.
  • You can expand the system, for example by replacing specific letters with numbers or special characters. E.g. $ instead of S.

Password = passphrase

  • You can also use passphrases as your password. These are whole sentences used as passwords.
    For example, Peter has 1 yellow Volvo, but it looks brown. 
  • This passphrase is a good example because it is relatively easy to remember, fairly complex, difficult to guess and so long that trying to guess it would be impossible.
  • The downside is that not all systems support passphrases. 
  • You can often work around this by removing "spaces" and other not "normal" characters, so the sentence instead looks like this Peterhas1yellowVolvo,butitlooksbrown.
  • If it is possible to use passphrases, be careful not to use passphrases that are "easy" to guess, for example "Old MacDonald had 1 farm". Famous quotes and songs, etc. are probably already on the hackers’ passphrase lists, making them easier to guess.

TIP: How to change your password

It is a good idea to change passwords on your devices regularly. Click here to find out how to change your passwords.

TIP: Remember to lock your computer

Always use screen lock, no matter where you are, so that unauthorised persons cannot access AU data. 

How to lock your Windows computer

Here you can find two different ways to lock your Windows computer

  1. Press simultaneously on Ctrl + Alt + Delete and select "Lock Computer". 
  2. Press simultaneously on the Windows button + "L". 

How to lock your Mac without screen saver

  • Go to Applications, Help programs, Main keychain.
  • Choose Settings and tick off Show status in menu bar.
  • Now, you will see a small padlock in the menu bar. Use it to lock your Mac.

How to lock your Linux computer

If you use Linux without graphic user interface, remember to log out when you leave the computer.

If you use a graphic user interface, Linux is as standardised as Windows or Mac. Therefore, there can be different ways to lock your screen depending on distribution and some times depending on which user interface you use.

CTRL+ALT+L works in some distributions, however, the best advice is to use the help function which is build in to find the correct way for your system.

Revised 08.03.2023
-
Informationssikkerhed