Layout print header[D]

Password Policy Overview


This policy promotes good practice to ensure that University systems and data are only accessed by authorised users. Password rules are automatically enforced where systems support this. Where they can't, this must be documented. Where possible, users should adhere to the password rules, even when a system can't automatically enforce them. Users only have to set up their question page once, ideally before the need to reset their password. Click on the relevant link and log on to access the question page.

Key Points

  • Passwords must be 12 characters or more,
  • Passwords must contain characters from at least three out of the following four categories: Uppercase letters A to Z, Lowercase letters a to z, Numbers 0 to 9 & Special Characters
  • Passwords must not be a single Dictionary Word
  • The previous 8 passwords cannot be re-used,
  • Passwords must not contain the users first name, surname, username, employee or student number
  • Passwords should not be based on easily identifiable information, for example a pets name
  • Six incorrect password attempts will result in a 30 minute lockout of the account.

The Policy Document

The complete policy can be found here.


Further guidance is currently under development.

The below DTS Help pages for SHU staff only contain further guidance.

Students should contact the IT Service Desk

Sheffield Hallam University website

Sheffield Hallam University, City Campus, Howard Street, Sheffield S1 1WB

Telephone 0114 225 5555 | Fax 0114 225 4449

Privacy Policy

Freedom of information




Legal information