[2016-02-19] New Password Policy

To : All Staff and Students

From : Office of Information Technology

New Password Policy

An increasing trend in hacking activities of unauthorised login to user accounts having simple passwords has been identified recently. In order to mitigate the risk of information leakage, a new User Account Password Policy, as listed in the table below, has been approved by the IT Committee of the University on 23 December 2015.

Items Existing Policy New Policy
Password Complexity Nil (recommendation only) Mandatory combination of 4 types of characters, including:

  1. Upper case characters
  2. Lower case characters
  3. Numbers
  4. Selected special characters ( ! – . ~_ @ )
Expiration Period 180 days No change Reminder to Change
Reminder to Change Password In form of “My Message” in BUniPort 10 days BEFORE expiration, until password is changed Earlier reminders to users by:

  1. “My Message” in BUniPort 14 days BEFORE expiration, until password is changed
  2. Email alert on 30, 20, 10, 5, 4, 3, 2, 1 days BEFORE expiration, until password is changed
Password Length Between 8 -14 characters No change
Password History Nil Disallow re-use of password within 180 days


The new password policy will be effective on 1 March 2016.

Should you have any inquiries, please feel free to contact our Service Call Centre at 3411-7899, or email to hotline@hkbu.edu.hk.

Thank you for your kind attention.

View PDF Version