Password Policy
Last review date: October 2023
This document proposes a common standard for passwords used by registered users of the Join Dementia Research service.
Secure passwords enable us to protect our users’ data and maintain the confidence of external organisations in our data safeguarding processes.
This policy sets out our password standards and how to change your password.
Password standard
Volunteer passwords must:
- be 8 characters or more
- not include common password phrases
Researcher and staff passwords must:
- be 10 characters or more
- not include common password phrases
The Join Dementia Research system won’t allow passwords that are too commonly used. We also recommend that all users choose a password that adheres to the following guidance:
- Long passphrases (random collections of words stuck together) are regarded as the best practice and hardest to crack, whilst still remaining memorable to users
- All reasonable precautions should be taken to keep passwords secret and to ensure they cannot be easily guessed or derived by others
- Using three random words to generate your password, e.g. ‘applenemobiro’ as these are easy for you to remember and hard for others to guess
The following password characteristics should be avoided:
- anything obviously related to the password owner (names of relatives, friends or pets, birthdates, user-ID)
Changing your passwords
You can change your password at any time, either by using the Forgotten Password link on the Join Dementia Research website, or by logging into your account and selecting “My Account” at the top of the page.
You can also contact us if you would like help with changing your password.
We particularly urge users to change their password any time they suspect it may have been compromised.
For more information, please visit our page on how to update your password.