Password frequently asked questions (FAQs)
- Which systems use my Deakin password?
- What are the password rules?
- Should I allow software, such as web browsers and wireless connections, store my username and password?
- I stored my password in Outlook Web Access (OWA). How do I remove it?
- Why do I need to change my password regularly?
- How often must I change my password?
- Once I have changed my password, when will the new password become active?
- How can I change my password?
- How can I protect my password?
- Can I store my password on my smartphone or computer?
- How can I remember my password but keep it secure?
- Can I write my password down?
- I think someone knows my password. What do I do now?
- Someone has requested my password, what should I do?
- What is account lockout?
- Why has Deakin University implemented account lockout?
- How many times can I incorrectly enter my password before I am locked out?
- What if my account is not unlocked after 15 minutes?
- How long will it be before I can use my account after the IT Service Desk unlocks it?
- What will I be locked out of?
- How can I get back into my account once it is locked?
- What happens if I go to a different workstation? Will I still be locked out?
- Are there any other times when an incorrect password will lead to account lockout?
- Why has my account been locked when I am using my own wireless laptop?
- Why is my account locked when I haven't made an incorrect login attempt?
- What benefits are there for me?
Which systems use my Deakin password?
There are a number of systems that your Deakin username and password provide access to:
- Deakin email address
- Deakin home directory and shared work areas
- Access to the Internet from the Deakin network
- Access to the Deakin Portal, iLecture - all electronic teaching facilities
- Access to CloudDeakin
- Access to Student Connect, dCal, Internet Usage System (IUS)
- Access to laboratory workstations
- Access to Deakin's dial-in service
- Access to Deakin restricted websites
What are the password rules?
Your new password must:
- Be different from your last five passwords.
- Be significantly different from your previous one, to avoid someone anticipating your new password from your last one.
- Be eight characters long and contain a combination of the following characters: lowercase (a-z), uppercase (A-Z), numbers (0-9) and punctuation (.=-!@#&()).
Should I allow software, such as web browsers and wireless connections, to store my username and password?
Deakin does not recommend saving passwords in this manner as, in addition to being a security risk, you will need to remember to change all of them each time you change your password.
I stored my password in Outlook Web Access (OWA). How do I remove it?
Deakin does not recommend the storing of passwords in any application. Your browser stores the password for OWA if you have selected this option. To remove the saved password you will need to do this through your browser.
For example, to remove a stored OWA password using Mozilla Firefox, first open Firefox.
Go to: Tools > Options > Security. In the section called Passwords, untick 'Remember passwords for sites'.
This will remove any saved passwords.
back to top
Why do I need to change my passwords regularly?
An older password is more likely to be compromised. By changing your password regularly, you can ensure that a compromised password is not reused indefinitely.
How often must I change my password?
We recommend you change your password every trimester.
Once I have changed my password, when will the new password become active?
The new password will not be available for all services for up to one hour.
How can I change my password?
If you are using a University workstation on-campus, you can change your password from the desktop. Refer to the help sheet titled Password: managing and changing for instructions. Alternatively, you can change it online at www.deakin.edu.au/password.
back to top
How can I protect my password?
- Never give your password to anyone. This is YOUR responsibility. The purpose of having a password is to ensure that no one other than you can use your username.
- Never email your password to anyone.
- Never allow another person to use a computer that you have logged in to.
- Remember password sharing is not permitted at Deakin in any circumstance.
- Avoid writing your password down.
- Change your password regularly.
Can I store my password on my smartphone or computer?
NO, unless you store them in an encrypted application designed to store passwords on your computer or smart phone.
Examples of such tools can be found at:
How can I remember my password but keep it secure?
The easiest method to remember a password and keep it secure is to pick a sentence that reminds you of the password. For example:
- Hope my car gets through 2 semesters! (Hmcgt2s!)
- What time is Class in room 9? (WtiCir9?)
Can I write my password down?
Passwords should not be written down. If there is a reason why a password must be written down:
- Store the paper in a secure place and destroy it when it is no longer needed.
- Write down only personal hints to the password, rather than the password itself.
- Do not identify where the password is used or that the hints relate to a password.
- Keep any written hints physically safe - for example, in a wallet, purse or handbag and NOT stuck to your computer monitor, under the keyboard or in your drawer!
I think someone knows my password. What do I do now?
If you think someone knows your password - immediately change it from a computer you control and trust and report the incident to the IT Service Desk.
Someone has requested my password, what should I do?
Do not give your password to anyone. Refer that person to this webpage.
back to top
What is account lockout?
If you enter an incorrect password five times within 15 minutes your account will be locked for 15 minutes, or until you contact the IT Service Desk to have it unlocked.
Why has Deakin University implemented account lockout?
The Victorian Auditor General's Office (VAGO) mandated that we implement account lockout on all Deakin staff and student accounts. This measure is aimed at preventing password guessing.
How many times can I incorrectly enter my password before I am locked out?
You will be locked out after your fifth incorrect attempt.
What if my account is not unlocked after 15 minutes?
You should contact the IT Service Desk.
How long will it be before I can use my account after the IT Service Desk unlocks it?
Up to ten minutes.
What will I be locked out of?
You will not be able to log in to a University workstation at all.
How can I get back into my account once it is locked?
Either wait for 15 minutes or call the IT Service Desk.
What happens if I go to a different workstation? Will I still be locked out?
Yes, you will be locked out of all Deakin workstations.
Are there any other times when an incorrect password will lead to account lockout?
If you have saved your password in your wireless settings and then change your password, wireless will attempt to connect using your old invalid password. Deakin does not recommend storing or saving your password in these locations.
Why has my account been locked when I am using my own wireless laptop?
You may have saved your password in the settings. If you have changed your password recently your laptop may be trying to connect using your old password. Otherwise, you may have entered an incorrect password five times.
Why is my account locked when I haven't made an incorrect login attempt?
Contact the IT Service Desk to report the incident and have your account unlocked.
What benefits are there for me?
Account lockout is a measure aimed at preventing password guessing. This is a step towards greater IT security at Deakin University.
back to top
Other online accounts
Use a different password for each important online account.
Never use the same password for your work or bank accounts as your personal accounts used for social networking (Facebook, Twitter). This way if one of your passwords is compromised, the other accounts are still safe.
Never use a public computer to access your important online accounts.
Never use a public computer, such as at wireless hotspots, hotels or internet cafés, to log into an account. Since anyone can use these computers, they may be infected with a malicious code that is capturing all your keystrokes. Only log into your work or personal accounts on trusted computers you control.
Handing over personal information to reset a password.
Exercise caution when websites require you to answer personal questions. These questions are often used if you forget your account password and need to reset it. The problem is the answers to these questions can often be found on the internet, such as your personal Facebook page. So make sure that if you answer personal questions, you use only information that is not publicly known. If the website provides other password reset options, such as SMS messages to your smartphone, you may wish to consider these alternatives.
A password on your computer is like a lock on your front door. It prevents strangers walking into your house and stealing your possessions.
Using 'strong' passwords and changing them regularly makes it hard for other people to access the information on your computer or your online accounts. Passwords aren't absolutely unbreakable and aren't a sufficient security measure on their own, but they can help make you less vulnerable to various computer attacks.
Stay Smart Online provides useful information on how to set and protect your password.
How to Manage Your Other Online Accounts
Using the same password for multiple online accounts significantly increases the impact and scope of the potential consequences of a single breach.
- Never share your password(s) with anyone. A password is meant to be a secret known only to you.
- Set strong passwords, particularly for important online accounts and change them regularly-consider making a diary entry to remind yourself.
- Use different password for different accounts.
- Don’t save passwords for important accounts in your web browser – otherwise anyone using your computer could access these accounts.
- Be careful using your password on a public internet terminal such as an airport or internet café.
- Never send your password via email or store your passwords in plain text on your computer.