Password Self-Service: Password Guidelines

A unique Falcon Account username is assigned to every person who has a relationship with the university. Together with a password, this forms the Falcon Account credential that is the institutionally managed credential used for access to IT resources, e.g., email, calendar, Canvas, student records, office workstations, and lab computers. Each person must choose a password for their Falcon Account that meets the following minimum requirements:

  • At least twelve characters in length
  • Contains at least one character from three of the following four categories
    • Lowercase letter (a-z)
    • Uppercase letter (A-Z)
    • Digit (0-9)
    • Printable special character (e.g., :!@$,.)
  • Does not contain your Falcon Account username or parts of your full name that exceed two consecutive characters
  • Must not be the same as any previous password

For some university employee roles with access to sensitive financial and personal information, passwords have these additional requirements:

  • At least fifteen characters in length
  • Need to be changed at least once every sixty days

Additionally, we recommend that your password:

  • does not contain derivatives of your name
  • does not contain a word found in a dictionary (or contains many words)
  • is not similar to any previous password (e.g., adding a number or letter)

The Password Self-Service website can generate good password suggestions for you. You can either use a suggestion directly or alter it after selecting it.

Your Falcon Account is tied to your digital identity at UWRF and may provide access to sensitive personal information. Protect your Falcon Account password just as you would a credit card:

  • Do not share your Falcon Account password with anyone.
  • Do not write down your Falcon Account password unless it can be stored securely. Encryption in an electronic form (e.g., smart cell phone, software on your computer) is best but this is not always feasible. A password written down on a small piece of paper and stored in your wallet is acceptable. This same piece of paper taped to the bottom of your keyboard, even if it does not list your Falcon Account, is not acceptable.
  • Do not use your Falcon Account password on accounts other than your Falcon Account - not on any derivative accounts or other Internet accounts.
  • Application administrators must not encourage use of the password associated with a Falcon Account in combination with any other identifier such as a local application credential or an off-site account.
  • Computer systems and applications must not store the password that is associated with a Falcon Account unless it is stored in an encrypted secure manner approved by the Division of Technology Services (DoTS).

To change your Falcon Account password, you can use the Password Self-Service website.


Article ID: 1133
Mon 3/3/14 12:59 PM
Mon 9/12/22 1:25 PM

Related Articles (2)

Maintaining your Falcon Account password.
Answers to questions about Password Self-Service, including security guidelines.