Secure passwords


Secure passwords

prevent unauthorised access to your sensitive data

The 1-2-3 guide to secure passwords:

1 - Select a secure password.

The minimum requirements displayed during the password change must be met - a more secure password is highly recommended though - randomness is your friend, known words are not.

The following procedures have proved their worth:

  • Use a password generator, e.g.
    lastpass.com/generatepassword.php
  • Open any book, select a random sentence, and use the initial letters of that sentence. Add some digits and special characters. Please DO NOT use poems, lyrics, and the like for this method, and be careful about the complexity.
  • Select 4-5 random words and create a sentence (for example, "SimpleReadFreeFreeFind"). Use a dictionary to select random words, or use a random sentence generator, e.g.
    http://watchout4snakes.com/wo4snakes/Random/RandomSentence

Please avoid:

  • the use of names, dates of birth, places of residence, project names, etc.
  • use of any information that might be present in any list (e.g., dictionaries).
  • the use of personal data - even those from your friends and family.

2 - Take good care of your password.

  • Use different passwords for each system. Especially for the use with online service providers and social networks use password management tools and randomly generated passwords.
  • If you suspect that another person has knowledge of the password of your BOKU account, please change it immediately or contact the ZID hotline.

3 - Never share your password.

Your login name and password allow access to a wide variety of services in your name. All of BOKU's IT services are set up in such a way that sharing of personal accounts is not necessary. All required permissions can also be assigned to other persons.

  • At BOKU the sharing of passwords from personal accounts is explicitly prohibited by "Betriebs- und Benutzerordnung", non-compliance may lead to immediate deactivation of your account and disciplinary measures.
  • If another person needs access to services and data that are currently only available with your account, please contact the ZID.
  • No ZID employee will ever ask you for your password (only for your login name, to uniquely identify your account). Mails where you are requested to provide your login data are ALWAYS fraud attempts, so-called phishing (password fishing). Never reply to such mails and do not click any links. Please contact ZID hotline if you are not sure.