One of the most important ways to ensure that your account is safe and secure is to protect your passwords. Follow these requirements to help protect Willoway as well as your personal information where that may apply.


Create a strong password-

Willoway requires passwords to include the following:

  • Passwords must be at least 10 characters long and include  3 of the following 4-character types; 1 uppercase letter, 1 lowercase letter, 1 number, and a symbol.  (Example:  C0r3y!uvsP@ssword$)

  • Or, passwords must be a random set of unrelated words more than 14 characters long. (Example: ‘Safety Work Day All’ and 'safety work day all' are both acceptable)

  • 10 character passwords cannot be a word that can be found in a dictionary or the name of a person, character, product, or organization.  (Example: Willoway4534! is not a secure password.  However, Wil110w@y4534! is secure because the word is altered significantly.  However please do not use "Willoway" even with substituted vowels as that is the first thing hackers try.

  •  please do not use Willoway even with substituted vowels as that is the first thing hackers try!)

  • Passwords cannot be a date, or date in combination with a word.  BillyBob2014! is not a secure password.

  • Suggestion: Make something easy for you to remember but difficult for others to guess. Consider using a memorable passphrase like "6TreesRGrowing^" or 'six trees are growing.'

Protect your passwords

Once you’ve created a strong password, follow these guidelines to keep it secure:

  • Don’t share a password with anyone. Not even a friend or family member.

  • Do not save or write down passwords manually or digitally unless using officially approved password management software.  Password management software will automatically update stored passwords and keep them secure.  If you want help keeping track of your different passwords reach out to IT to install an approved password management solution.  Requires Approval.

  • Never send a password by email, instant message, or any other means of communication that is not reliably secure.

  • Use a unique password for each website. If crooks steal your account information from one site, they'll try to use those credentials on hundreds of other well-known websites, such as banking, social media, or online shopping, hoping you've reused the password elsewhere. That's called a "Credential stuffing attack" and it's extremely common.