For best experience please turn on javascript and use a modern browser!

Tips for creating a secure password

Create a unique, strong password for your UvA-net ID. Change your password at least once a year and never share it with anyone.

Create a unique, strong password for your UvA-net ID

Unique means that you use this password for your UvA-net ID only and not for any other web services; strong means that the password meets the following criteria:

  • It contains at least 8 and no more than 16 characters.
  • It contains at least 1 upper-case letter.
  • It contains at least 1 lower-case letter.
  • It contains at least 1 number.
  • It contains at least 1 of the following special symbols:
    ~ ! @ # $ % ^ & * ( ) _ + = - ` { } [ ] | : ; ' , . ? /
  • It does not contain your UvA-net ID, first name or surname.
  • It is not the same as any of your previous passwords.

Why should you change your UvA-net ID password at least once a year?

With the Internet and open Wi-Fi, more and more UvA systems and services are now accessible from home, the train, caf├ęs, and so on. In these situations, there is a higher risk that someone with malicious intent can discover your password (by shoulder surfing or over an unsecured connection) and then use your digital identity to access and even alter important business information. Even within the UvA, passwords can sometimes end up in the wrong, unauthorised hands.

Change your password 

Having trouble remembering your passwords?

Use a password manager and the tips below to keep track of all your passwords.

Password manager

A password manager is a digital safe in which you store all your passwords, so you only need to remember one strong master password. Password managers are available as computer and laptop software, tablet and smartphone apps and web applications. A few good ones are lastpass, dashlane and stickypassword.

Tips for creating a password

Coming up with a good password can be tricky, as it has to be difficult to crack but also easy for you to remember. The following tips can help:

  • Replace some letters with other characters. You can swap a 3 for an E, a 0 for an O, a 4 for an A, and so on. However, because hackers sometimes include these obvious replacements in their scripts, using non-standard numbers makes for a stronger password. For example, replace O with ().  
  • Use a combination of two or more unrelated words. If you separate the two words with a symbol and also replace the numbers as shown above, you'll have a strong password that is easier to remember. For example 'Cat and Computer' could be 'C4t#C()mPut3R'.
  • Come up with a phrase that is easy for you to remember and condense it into eight characters. The sentence 'Have you got a club card, ma'am?' could then be 'hygaccm?'. If you replace a letter with a number and put some letters in upper case, this could become 'hYg4((.M?'. 
    A long phrase containing 16 characters or more is also very strong, provided that you include a few special characters.
  • Add two letters to create different site-specific passwords. While it's essential not to use the same password for every single website, it's also hard to keep track of fifty different passwords. A good trick is to add an additional letter to the beginning and end of your strong password which refer to the particular website. For Facebook, say, you can turn the above password into 'fhYg4((.M?k'.   

Note that the passwords mentioned here are intended to serve as examples only and should not be used verbatim. Instead, use the tips to come up with your own strong password. Combining these will make your password extra strong.   

  • Create categories for important and less important accounts. Protecting your email is more important than a hobby newsletter subscription or so. Group your passwords into three categories: very important (confidential), important and less important. The more confidential the data, the stronger your password needs to be.  
  • Use different passwords for your work and private accounts. That way, if cyber criminals ever obtain your private password, they won't also automatically have access to all your other accounts such as your UvA account.