DIBBS Password Requirements
Due to a change in DoD Security requirements, DIBBS will be implementing a new password requirement on or about August 29, 2019. The new rule involves how many characters have to be changed each time a new password is being created compared to the previous password. Currently it requires 4 characters to be changed and the new requirement will be 8 characters. For ease of transition, below are all the requirements, including this new change, for a DIBBS password:
DIBBS Password Format
At a minimum, your password must
be at least 15 characters long and can be as long as 60 characters.
Your password must contain at least 2 characters from each of the following 4 classes listed in the chart below:
1. English Upper Case Letters: ABCDEFGHIJKLMNOPQRSTUVWXYZ
2. English Lower Case Letters: abcdefghijklmnopqrstuvwxyz
3. Westernized Arabic Numerals: 0123456789
4. Non-alphanumeric (special characters) @ # $ % ^ & + . = !
Password must have no more than 4 Upper and Lower Case letters in a row, or 4 numbers in a row. (i.e. aBcD, 5678, not aBcDf or 56783)
Password must have the first 3 characters be different (i.e. abc but not aab, abb, bab, etc.)
Password cannot have more than 1 special character in a row (i.e. @@)
Password cannot begin or end
with a ‘!’. An ampersand (&) cannot be the first special character
used in any position. It can be the second or sub sequential special
New password must differ from your last 10 passwords.
New password characters must differ from previous password by at least 8 characters. A change from an upper case letter to a lower case letter and vice versa does constitute a change in a character.
Passwords are valid for 60 days.
Passwords should not contain words from any language, because numerous password-cracking programs exist that can run through millions of possible word combinations in seconds.
Passwords should be complex, but one you can easily remember. For example, Msi5%Y0ld%ni$8! (My Son is 5 years old and is great) or Ihl1Cf20#yNi$8! (I have lived in California for 20 years now and is great). These examples will not be allowed.
Passwords should not contain personal information such as names, telephone numbers, account names, birthdates, or dictionary words.
When a new password is established, log off, then log back on with your new password. This not only tests your password but also logs your account activity in DIBBS. (NOTE: If your account was locked for inactivity, a password change by itself does not count as activity.)
It is recommended to change passwords with Internet Explorer or Firefox to avoid possible issues.