Skip Ribbon Commands
Skip to main content
SharePoint

PasswordRequirements

Last modified at 5/1/2017 10:26 AM by Bill Coulter (admin)

Password Requirements

Your password must meet these requirements

Passwords are case sensitive, usernames are not.

Complexity requirements
  • Passwords cannot contain the user's account name
  • Passwords cannot contain the users first or last name
  • Passwords must contain characters from at least 3 of the following 4 categories:
    • Upper case letters
    • Lower case letters
    • Numbers
    • Special characters (symbols such as $, %, &, *, @, !, #, +, =)
Password historyYour new password cannot be the same (or essentially the same) as any of your previous 8 passwords. Password complexity requirements algorithms disallow minor changes such as incrementing a number used as the last character (Bandito1, Bandito2, Bandito3, etc.).
Maximum password ageUnlimited -- Webville does not require periodic password changes.
Minimum password ageOne (1) is the number of days a user must keep a password before he or she can change it. 
Minimum password length8 is the minimum number of characters required in a password. Passwords can be up to 128 characters. 
Account lockout policy10 invalid logon attempts will result in account lockout for a duration of 5 minutes. 

Examples

For example, "77shelley" (without the quote marks) does not meet complexity requirements, but "77shelley**", or "77Shelley" or "77Shelley**" does, provided the user's full name or account name does not include Shelley. 

For best security, Webville recommends using a unique password for your email account. Do not use the same password you use for online shopping accounts or any other account. If an online merchant is hacked and your account details from XYZ fall into the wrong hands, you do not want those hackers to gain access to your email password. Many of us store important information in our email, contacts and calendar. This information could be used in an identity theft which could potentially have devastating consequences. Don't let that happen to you - don't use the same password for your email that you use elsewhere. Choose a complex password, unique to this account. Create a password which cannot be surmised by someone who knows a few things about you. The account lockout policy will prevent brute force attacks (robotic guessing of every possible password) but it cannot prevent a smart hacker from trying a few combinations of birthdays, pets names, kids names, zip codes and other obvious giveaways. The Internet is a bad neighborhood, please be safe out there.