A strong password should be between 8 and 64 characters. It should include letters, numbers and at least one special character (!, @, #, $, %, etc.).
Misspellings strengthen passwords, and make them more memorable. For example, a strong password could be “t3chn0!oggy” because it contains letters, numbers, and a special character. The password is easily remembered due to its misspelling.
Changing Your Password
To change your password, navigate to the Washington College Account Self Service Page (selfservice.washcoll.edu). Alternatively, click WC Account Self Service on the login page for Faculty/Staff or Students.
Setting a strong password from the beginning is a good start to being a smart user of the Washington College network. However, it’s not enough to be truly secure. Security experts recommend changing your password (or pass-phrase) at least once every three months (90 days) and Washington College requires this practice.
Every 90 days you will be prompted to change your password when your password is five days from expiring. You will also get a reminder each day until your password expires. You will not be able to use the same password for the next three password changes. Please help us protect the campus community - and you - online by changing your password frequently.
Password phishing commonly occurs when an outside malicious scammer sends emails to faculty, staff or students requesting account information (passwords). The attempts frequently pretend to be campus IT administrators to lure WC users into giving information. The emails usually request users to reply with account information, or link to a website with a form asking for account information.
These phishing emails often appear to be sent from washcoll.edu email addresses, however email addresses can be spoofed. Users can distinguish a legitimate email from a phishing attempt by checking the “reply-to” address. Phishing attempts usually come from outside of washcoll.edu.
Common password phishing emails contain threats about accounts being suspended for being over quota, or accounts being terminated for inactivity. The messages use phrases, such as “comply immediately!”
When attempting to determine if an email is authentic or not, remember that Washington College will never send you an email requesting any confidential information, such as your user id or password. We will however, request that you change your password every 90 days through WC Account Self Service. If you are unsure of an email’s authenticity feel free to contact the HelpDesk.
If you’ve fallen for a phishing scam…
- Change your password immediately.
- Your account was most likely used to send spam messages, so you should expect replies and bounce messages for a few days.
- Notify the HelpDesk.
For questions about passwords, please contact the HelpDesk at 410-778-7777.