A new Password Dictionary component is being implemented to increase security and better align Towson with NIST security standards.
A Password Dictionary is a list of words or characters that users are prevented from including when creating a password. The end-goal of the Dictionary implementation is to prevent malicious actors from guessing commonly used passwords. This includes words like institutional names, local sports teams, easily guessed keyboard patterns, or season/semester names.
Dictionary policy will be the same for both Students and Faculty. The campus community will not need to account for the new dictionary requirements until it is time for them to reset their password.
If an individual uses a password contained within the dictionary it will show as:
They will need to try another password. This error cannot be customized.
The custom password list is maintained by OTS Office of Information Security and Identity and Access Management teams.