Tip for: 03.27.17 | Updated: 05.08.20
How strong is the password you use to log in to Alexandria? You aren’t going to have any mischievous 7th-grader guessing it and wreaking havoc on your collection, are you? Let’s take a look at some good password tips.
Picking a good password
In general, you want to choose a password that someone is not likely to guess, whether it’s ‘silverhorses’ or ‘112233cats’ etc. But as a librarian with access not only to your precious Alexandria catalog but also to numerous person records, you are responsible for the security of the database and of those patrons’ information.
To choose a strong password, you want something that a) the 7th-grader can never guess, and b) hacking (password-guessing) software is going to have to work really, really hard for. These are similar but not the same goals. For example, the 7th-grader will never guess a random 5-digit string of numbers (or, it might take them thousands of tries), but 5 digits isn’t that long for a computer program to try every possibility. On the other hand, a program might take forever to guess ‘ilovebooks4ever’ but the 7th-grader might try that fairly early on.
Some highly-recommended points for picking a good password:
- Pick a long semi-random phrase, like ‘herdofsilverhorses’.
- Add a number to really throw things off, e.g. ‘herdof30silverhorses’.
- Add a symbol* to make things really fancy, e.g. ‘herdof30silverhorses!’.
- Don’t write your password on a sticky note that you keep on your desk. (I recommend using password-management software.)
If you count that last iteration of my beautiful password, it’s 21 characters long. Yikes! That’s pretty secure. Usually 12–15 characters will keep you pretty safe. Anything above that and you are a super guardian of your domain.
*Most symbols are fine, but be aware that some login pages will see symbols in the password as part of their code, and then you get stuck out of your account. Not fun. So be sure to always test your password after you change it! In Alexandria we recommend any of the following: !@#$%^&*-=+.,
Changing your password in Alexandria
You can change your own password in Alexandria through Researcher:
- In v7, log into Search. Go to Patron Status by either clicking on the Patron Status icon at the top of the page or appending /status to the end of your URL. From Patron Status, click the Account tab and unlock the page. Fill out both New Password fields, and click Save when you're done.
- In v6, log in to Researcher, then click on your name to go to Patron Status. Click Change Password and fill out the Old Password, New Password, and Confirm Password fields. Click Save when you're done.
You, as the librarian, can also change passwords through Patrons Management:
- In v7, unlock the patron record and enter the new password in the Password and Confirm Password fields on the Access tab. Click Save.
- In v6, you'll need to click on Reset Password.
In v7, use the Reset Patron Accounts utility to change multiple patron passwords at once.
Don’t forget to check with your aides to ensure they also have appropriate passwords!
Password Requirements in v7
As of 7.16.2, you can set password requirements for your staff and patrons. Go to Security, and the Account tab. (This used to be the Researcher tab.) There is now an option for Password Strength.
When set, patron passwords entered in Patron Management or Patron Status are required to fit the following guidelines:
Weak Passwords: Minimum length of 6 characters.
Regular Passwords: Minimum length of 8 characters, with at least one letter (a-z) and one number (0-9).
Strong Passwords: Minimum length of 10 characters, with at least one letter (a-z), one number (0-9), and one symbol (!@#$%^&*-=+.,).
This means you can require your patrons to have basic password security (of a weak strength), but require your librarians and administrators to have stronger passwords.
Carry on, fearless guardian!
See also https://xkcd.com/936/
Which MARC tag and subfield do I use?
Oct 21, 2020
Improve searching—Medium aliases
Oct 14, 2020
New Copy List—See where your copies are
Oct 07, 2020
New Item Details—Interactivity and reorganization
Sep 30, 2020
Clean up—Managing Z39.50 servers
Sep 23, 2020
Immediately check out in-stock holds
Sep 16, 2020
New Patron Details—We listened to your feedback!
Sep 09, 2020
Customize your notices!
Sep 02, 2020
Keeping patrons informed—Email notices
Aug 26, 2020
Refresher—Checking in items
Aug 19, 2020
Want more tips?
Sign up for the emails!
How helpful was this page?