Overview
The information below describes Duck ID password requirements, and tips on how to create a strong password.
Duck ID Password Requirements
- Must be between 14 and 127 characters in length.
- Must contain both uppercase and lowercase letters.
- Must have at least one digit.
- Must not contain your Duck ID, first name, preferred first name, middle name, last name, preferred last name.
- Cannot be a previous password.
- Password expires every 180 days.
Additional password guidelines
- Should not contain UO ID (95#).
- Should not be the same password you use on any other account.
How to Create a Strong Password
A strong password doesn't mean it has to be hard to remember.
- Use a passphrase or sentence that makes sense to you (e.g., Those who dare 2 fail miserably can achieve greatly.)
- Converting an easy-to-remember phrase into an acronym with symbols is also a good strategy. It is a VERY FINE day to go for a walk could be abbreviated to iiavfdtgfaw, and then by adding three digits, would become a valid password of iiaVFdtgfaw203.
- Choose a word, then scramble it with some random numbers. Repeat the word if the word is too short. (e.g., buffalo becomes Bu3fa2oBu3fa2o).
- Choose three random words and some random digits to string them together, such as duck5OREGON2green.
About Duck ID Password Requirements
The university has developed its password requirements in consultation with the Information Security Office and in alignment with industry best practices. Password requirements will be re-evaluated as best practice and our environment changes.