Skip to main content

Creating strong passwords

Password Policy Summary/Overview       

MSU Denver's IT Services password policy applies to anyone with access to a password protected computer or other technology resource at MSU Denver.  It requires the use of strong passwords that are difficult to guess and/or infer.  The policy mandates the following:

  • Passwords must be changed at least every 120 days (the length of a semester).
  • Passwords should be changed whenever a security compromise is suspected.
  • Passwords should never be posted on, under, or around your computer or workspace.
  • Passwords should never be shared with anyone.
  • Passwords for MSU Denver technology resources must not be used for non-MSU Denver resources.

Failure to comply with these policies may result in one or more of the following actions:

  • Suspension of access to MSU Denver technology resources.
  • Disciplinary action ranging from warning to termination/expulsion.
  • Civil and/or criminal proceedings.

The full password policy can be reviewed at


Password requirements

Passwords must contain

  • At least 8 characters
  • At least 2 uppercase letters (A-Z)
  • At least 2 lowercase letters (a-z)
  • At least 2 digits (0-9)

Passwords must not contain

  • Simple sequences (12345, abcde)
  • Single dictionary words (in any language)
  • Any part of your name, ID, SSN, username, birthday, anniversary, spouse/child's/pet's name, or phone number

Quick Notes

  • Old passwords must not be reused for at least one year.
  • At least 3 characters from previous password must be changed.
  • Do not use Remember my login/password or Automatic Login options.


Tips for Creating and Remembering Strong Passwords

  • The easiest way to remember a complex password is to develop your own personal pattern to create them.  Following the above requirements, your pattern will determine which letters are uppercase, which are lowercase, and where digits will be placed.  When you stick with your pattern each time you create your password, all you will need to remember are the words you have chosen each time you recreate it.  The rest will remain the same.
  • We suggest that when prompted to change your Windows password, you also change all your passwords.  Then change them all again at the beginning of each semester.  This will eliminate having to make staggered changes.
  • It is strongly suggested that using only common, well-known substitutions be avoided (i.e. M1cr0$0ft for Microsoft, or P@$$w0rd for Password).  These are relatively easy to figure out.
  • Here are some examples to help you create strong passwords that are easy to remember.
    • Example 1:

      • Select a memorable line from a song, movie, or book.

        • Example: Raindrops keep falling on my head.

      • Choose the first letter of each word.

        • Example:  rkfomh

      • Capitalize every other letter.  

        • Example:  RkFoMh

      • Add a digit after the first, third, and fifth letters.

        • Example:  R3kF6oM9h

      • Your new password is: R3kF6oM9h

    • Example 2:

      • Select a sentence that is memorable to you.

        • Example: My son Aidan was three in the fall.

      • Combine the first letters of each word in the sentence.

        • Example:  msawtitf

      • Place digits in the 3rd and 6th positions.

        • Example:  ms8aw3titF

      • Capitalize the 1st, 2nd, and last letters.

        • Example:  MS8aw3titF 

      • Your new password is: MS8aw3titF

    • Example 3:

      • Select 2 or more unrelated words

        • Example: counter grateful

      • Capitalize every 3rd letter in the first word, and the first and last in the 2nd word

        • Example:  CouNteRGratefuL

      • Place 2 digits between the 2 words

        • Example:  CouNteR1Gr8fuL

      • Your new password is: CouNteR1Gr8fuL

Further Assistance


If you have additional questions, concerns, or need immediate assistance - Please contact the MSU Denver Help Desk.

Edit this page