Dear Campus Community,

As part of our ongoing commitment to safeguard our campus community’s personal and academic data, we are introducing a critical update to our account password policy.

We are taking a big step to boost Chapman University’s online safety. Effective June 15, 2024, all campus account passwords must be at least 12 characters long. Additionally, everyone will be required to change your password once a year. This is a significant move to safeguard our personal and academic information from the ever-growing cyber threats.

How do I reset my password? 

  • We highly recommend Resetting your password before the deadline to avoid disruptions by going to password.chapman.edu.
  • After the password change, you will need to update your Eduroam Wi-Fi password or log out and log back into the network to reconnect.
  • We encourage users to add their cell phone numbers, personal email addresses and use Microsoft Authenticator for 2-factor authentication and identity verification.
  • When you change a password, it’s good practice to sign out and back in or lock your computer and unlock it with the new password.
  • Alternatively, windows users can follow these instructions.

Why the Increase in Password Length?

  • Enhanced Security Against Hacking: Longer passwords are exponentially harder to crack. Increasing the minimum length significantly lowers the risk of brute-force attacks, where hackers attempt to guess passwords through trial and error.
  • Greater Complexity and Variability: With more characters, there are more possibilities for unique combinations. This complexity makes it challenging for attackers to use common hacking techniques like dictionary attacks, where commonly used passwords and phrases are tried.
  • Alignment with Industry Standards: Adopting a 12-character minimum aligns our campus with current best practices in information security, ensuring that our protocols are up to date with the evolving digital landscape.

Guidelines for creating a strong password: 

  • Make it at least 12 characters long.
  • Include both uppercase and lowercase letters.
  • Use numbers.
  • Incorporate special characters (e.g., ~! @#$%^&()-_+=), including spaces.
  • Consider using a passphrase, a series of words combined into a phrase. This is an example of a strong passphrase: “Ch0c0l@teCakeIsMyFav0ritedess3rt.”
  • Password cannot contain the user’s first, last, or account (username) name. 

Additional considerations: 

  • Refrain from using personal information in your passwords, such as your user ID, family members’ or pets’ names, birthdates, or phone numbers.
  • Avoid patterns commonly found on keyboards (e.g., qwerty) and repetitive characters (e.g., aabbcc or 112233). 
  • Do not use your name, Chapman University username, or words associated with the University, like “Chapman,” “Panther,” “Orange,” and the like. 
  • Maintain a clear separation between your personal and professional passwords.
  • Passwords must be changed once every 365 days.
  • Your new password should not be shared with anyone, and it is essential to keep it confidential.
  • The University does not provide a Password Manager tool. However, there are several well-known tools available, such as 1Password, Bitwarden, and Dashlane. If you decide to use a password manager, we recommend creating a separate account for Chapman University using your Chapman password and not saving your personal passwords on your Chapman account (and vice versa).

Need Help?

Visit the Password Management information page for more information. If you need assistance, please contact the IS&T Service Desk at servicedesk@chapman.edu.

This update is a proactive measure to ensure the continued security and integrity of our digital resources. By working together and embracing these changes, we can create a more secure online environment for everyone on campus.

Thank you for your cooperation and commitment to maintaining the information of our campus community.

Chapman University Information Systems and Technology (IS&T)