gear icon

Creating a Secure UBITName Password

Protect yourself from identity theft.

Operating System: All

Applies To: UB students, faculty, staff, alumni, retirees and volunteers

Last Updated: January 18, 2018

Why use a secure password?

If someone has your password, they can:

  • Find personal information
  • Access MyUB, HUB Student Center or other services
  • Log into your UBmail account
  • Access confidential UB information on the university's network
  • Gain information about your registered computers at UB and register their own on your UB account

How do they get my password?

There are several different ways someone can acquire your password:

  • Cracking: Password cracking programs are designed to guess the most common passwords first.  Most programs can make over one million crack attempts per second.
  • Malware: Password stealers and keyloggers are often packaged with viruses and spyware.
  • Phishing: UB will never ask you to confirm your password through email, so don't click on links in an email asking you to do so.  If you suspect or are unsure if you have received a phishing attempt email, please contact the UBIT Help Center before clicking on any links with the email.
  • Social Networking: Never give away your password to anyone, even someone claiming to work for the UBIT Help Center or other UB department.

What is a secure password?

The next generation in secure passwords is a passphrase. A passphrase uses a short phrase instead of a single word, making it more difficult for someone else to guess or use. It should be virtually impossible for others to guess, and not contain or be based on personal information. 

What should I avoid?

There are many ways people try to make their passwords easier to remember. Password cracking programs look for the most common passwords first.

Passwords should NOT:

  • Contain your UBITName
  • Be the same as other passwords you are currently using (including non-UB services)
  • Be a single word, forward or backward, from an English or foreign dictionary
  • Contain more than three sequential characters on a keyboard (ex: qwerty or 1234)
  • Contain more than two consecutive repeating characters (ex: aaaa1bb)
  • Be all numbers such as birth or anniversary dates (ex: 091785)
  • Be shared with anyone for any reason

How do I create an easy-to-remember password?

There are three simple ways:

  1. Create a password by taking a short phrase and:
    • Change the capitalization of some of the letters
    • Replace some of the letters with numerical and symbolic substitutions (ex: $ for S, 3 for E)
    • Misspell or abbreviate some words (ex: "go fight win ub bulls" becomes "G0f!gh+winu88u11$")
  2. Choose several shorter words and add some numbers in the center, than change the captialization and substitute symbols for letters (ex: "book 1159 Hamlet" becomes "b0()k1159H^ml3+").
  3. Choose a memorable quote or phrase and use only the first letter from each word (ex: "We will show the world what it means to be the University at Buffalo" becomes "WW$+ww!m+8tU^B").

What are UB's rules for creating a password?

Your password must:

  • be different from your last 3 passwords
  • be between 8 and 32 characters in length*
  • contain at least 1 capital letter
  • contain at least 1 lowercase letter
  • contain at least 1 number
  • contain at least 1 of the following characters: ~!@#$%^&*()_+=-`{}[]|";'<>,.?/
  • not contain the following characters: :\
  • not be a previously used password from within the last 365 days

Note: Passwords longer than 20 characters may not work with some UB systems.

Contact the UBIT Help Center

Have a UBITName? You may also use the UBIT Help Center Online (login required).

(xxx) xxx-xxxx
Use your email ONLY if you have access to it