One of the most critical factors you should consider when protecting your online accounts is having strong passwords. Without it, you could be giving cybercriminals access to your accounts without even knowing! Your account credentials are a tempting target for bad actors on the internet, and to avoid becoming a victim of password hacking, you should regularly change your passwords.

The average user typically creates a set of passwords that are based on personal information, are easy to remember, and can be repurposed. With technology rapidly improving, cybercriminals have much more computing power that allows them to crack passwords, and less-refined passwords make that even easier.

Due to the rise of information security threats, it has become clear that the guidelines used in modern professional and personal life will need to be updated. Therefore, it is important that everyone has the necessary skills to protect themselves. Having good password hygiene can help you get a head start on protecting yourself.


Guidelines for creating a strong password: 

  • Make it at least 12 characters long.
  • Include both uppercase and lowercase letters.
  • Use numbers.
  • Incorporate special characters (e.g., ~! @#$%^&()-_+=), including spaces.
  • Consider using a passphrase, a series of words combined into a phrase. This is an example of a strong passphrase: “Ch0c0l@teCakeIsMyFav0ritedess3rt.” 

Additional considerations: 

  • Refrain from using personal information in your passwords, such as your user ID, family members’ or pets’ names, birthdates, or phone numbers.
  • Avoid patterns commonly found on keyboards (e.g., qwerty) and repetitive characters (e.g., aabbcc or 112233).
  • Do not use your name, Chapman University username, or words associated with the University, like “Chapman,” “Panther,” “Orange,” and the like.
  • Maintain a clear separation between your personal and professional passwords.
  • Never create easily guessable passwords, and avoid reusing them.
  • Make it a practice to change your passwords regularly.
  • Your new password should not be shared with anyone, and it is essential to keep it confidential. 

Finally, whenever possible, an extra layer of security – such as Two-Factor Authentication. Two-Factor Authentication (2FA) is a terrific way to help prevent unauthorized users from accessing your account if your Chapman University password is compromised. Just remember, if you receive a 2FA request and you are not logging in, deny it. Two-Factor Authentication only works if you reject unknown requests. Chapman University’s 2FA program uses the Microsoft Authenticator app, which is available for Android and iOS devices. Visit to learn more.

If you have questions about your account security or want information on how to stay safe online, please visit IS&T’s security website. If you wish to change or update your Chapman University account password, please visit


Thank you,

Chapman University IS&T

Follow IS&T on Instagram and Twitter: chapmanu_ist