Password Rules

In a recent 2017 CSU Information Technology security audit, the auditors determined that the password rules must be updated to comply with the current CSU standard.  This requires a change from an eight (8) character password to a twelve (12) character password.  All other requirements remain the same. 

Requirements are summarized below:

  • Cannot include your username or any part of your username
  • Password length: Must be at least 12 characters
  • Password complexity: Requires any combination of three of the following four:
    • Uppercase letters (e.g., A,B,C)
    • Lowercase letters (e.g., a,b,c)
    • Numerals (e.g., 1,2,3)
    • Symbols (e.g., !,*,%)

In addition, passwords automatically expire every 180 days.

These rules apply for the passwords you use to log into the campus network (e.g., at your office workstation, at an ETC podium, or with your wireless device), Exchange/Outlook, Toromail, Wifi, myCSUDH Portal, and other applications on campus that need authentication.