eID Password Rules

The requirements for the VCU eID password are as follows. The eID password:

• must be at least 7 characters long
• must not be longer than 12 characters
• must contain at least 1 capital letter
• must contain at least 1 lowercase letter
• must contain at least 1 number
• must contain at least 4 different characters (e.g. A1a1a1a is invalid)
• cannot begin with a number
• cannot end with a number
• cannot contain any special characters (i.e. the password must be all letters and numbers)
• cannot be a password you have used in the past

Strong passwords cannot be guessed easily. Hackers often use automated tools to help them guess or crack passwords, and the easier a password is to guess, the faster a hacker can break into a system. Here are some basic rules to follow to help protect your account from unauthorized access.

• Do not use all or part of your eID in your eID password
• Do not use all or part of your name in your eID password
• Do not use a real word (from any language) in your password
• Do not use numbers in place of similar letters to form a word
  • Hackers know that people do this so Passw0rd and C0mm0nw3alth are not strong passwords
• Do not use consecutive letters or numbers (e.g. Abcdef5g or o1234567Tn)
• Do not use adjacent keys on your keyboard (e.g. qWert6y)
• Do not write down your password
• Do not allow your browser to remember your passwords
• Do not share your password with anyone