Password Controls for Geneseo Accounts


This policy applies to anyone who has a Geneseo user account. Includes but in not limited to: 

  • Students
  • Employees
  • CAS Employees
  • Volunteers
  • Retirees


To prevent unauthorized access to SUNY Geneseo computer systems, users must practice proper password management. This includes:

  • Never share your Geneseo password with anyone.
  • Never use the same password for more than one account.
  • Never tell your password to anyone.
  • Never write down your password.
  • Never communicate your password by telephone, email, or messaging.
  • All user accounts must enroll in and use Multifactor Authentication.
  • Log off or lock the screen before leaving a computer unattended.
  • Change your password if there is suspicion it has been compromised.
  • Consider using a password manager to create and remember complex passwords.


Password must meet the following complexity requirements:

  • Your password must contain at least 10 characters.
  • Your password must contain 3 out of the following character types:
    • Uppercase letter
    • Lowercase letter
    • Number
    • Special character (e.g. !@#*&).
  • Your password must not contain your name or username.
  • Your password must not match any of your previous passwords.


Sue Chichester
CIO & Director, Computing & Information Technology