University of Vermont

Information Technology

The UVM NetID: Your Online Identity

Protecting your NetID

With your NetID being used to access so many different services, it's important to keep it secure. Everything from hackers and phishing scams to sharing your password with friends or family can compromise your NetID and all the information it is used to access.

Password strength

Your NetID's password is the key to all the services your NetID can unlock. Having a strong password is essential to maintaining NetID account security. So what makes a strong password? Three things: password length, differing character sets, and complexity.

  1. The longer the password, the more difficult it will be to crack. UVM NetID passwords are required to be at least 8 characters long, but longer is better.
  2. The more character sets used, the more secure the password. Different character sets include:
    • upper case letters (A B C D)
    • lower case letters (a b c d)
    • numbers (1 2 3 4)
    • punctuation or other symbols (! @ # $)

    UVM NetID passwords require at least two different character sets, but more is better.

  3. The more complex a password is, the more difficult to guess. Complex passwords are:
    • not based on words found in the dictionary, in any language
    • not words spelled backwards, common misspellings or abbreviations
    • not sequences (12345678) or repeated characters (22222222)
    • not common mathematic sequences and series like Fibonacci numbers, Pi, or prime numbers
    • not keyboard layout sequences (QWERTYPOIU, qazwsxedc or similar)
    • not dates like birthdays or anniversaries
    • not personal information like names of friends, relatives, pets or children
    • not another unique identifier like your Social Security Number, student ID number, bank PIN, driver's license number or passport number

An ideal password is one that is easy for you to remember, impossible for a human to guess, and difficult for a computer to crack.

For more information on password strengths, see Microsoft Online Safety's guide to creating strong passwords and this article on password recovery/cracking speeds.

Phishing scams

Phishing scams are a method of social engineering to get you to willingly divulge personal information like bank account numbers, credit card numbers and passwords. These scams often come in the form of an email pretending to be your bank, a credit bureau, or a UVM department or support team and ask you to "verify" or otherwise provide your account information. For more information on identifying phishing scams, see Microsoft Safety & Security Center's guide to recognizing phishing emails or links.

UVM will never ask you to disclose your NetID password. Any email or message that asks you to provide your password in a non-login capacity is likely to be fraudulent.

NetID/Password sharing and disclosure

Allowing others to know your password or use it to access UVM services compromises your NetID account and all the services it is used to access. Anyone who knows your password can log in to your class registration and transcripts, financial records, Blackboard course work, email and NetID account settings, all things to which only you should have access.

Similarly, you should never use your NetID credentials as login information to other non-UVM websites or services, such as Facebook, Google/GMail, Apple iCloud/App Store/iTunes Store, or any other of the thousands of online entities that require registration and login. Should these services becomes hacked or otherwise compromised, your NetID information becomes exposed and vulnerable.

UVM will never ask you to disclose your NetID password. Any email or message that asks you to provide your password in a non-login capacity is likely to be fraudulent. It is a violation of UVM's Computer and Network Use policy (PDF, Section 1.b) to disclose your password, and doing so may result in disciplinary action.

Service sharing and guest wireless access

It may be tempting to use your NetID and password on a visiting friend or relative's computer so they can use UVM's wireless network, but allowing others to use the services of your NetID account (even if you didn't share the password) is a violation of UVM's Computer and Network Use policy (PDF, Section 1.d).

UVM GuestNet can be used to let friends and family online with wireless. On your computer, log in with your NetID and password to UVM GuestNet and sponsor a temporary guest account for your visitor.

Last modified October 10 2013 01:13 PM

Contact UVM © 2014 The University of Vermont - Burlington, VT 05405 - (802) 656-3131