Skip to Content


Statewide Systems Password Information

Passwords are an important tool to help us protect the Statewide Systems from attack. Much of the data in the systems is private and confidential data. In all cases it is important to keep this private and confidential data from everyone who doesn't have a business need to see it. Passwords are one important tool we have to help us meet our responsibilities in this area. Click the links below to get general information about password security and specific information about passwords for each state system listed.

  • General Password Security and Guidelines

    Password Terminology

    Types of Characters: There are four different types of characters used in making passwords. Using many different combinations of these character types greatly increases the resources needed to "crack" a password.

    • Upper case letters (A, B, C, etc.), 
    • Lower case letters (a, b, c, etc.), 
    • Arabic numbers (1, 2, 3, etc.), and 
    • Special Characters = ~ # $ % ^ & * ( ) _ + ` : " , ?
    Passwords are often the weakest link in a computer security scheme. Strong passwords are important because password cracking tools continue to improve and the computers used to crack passwords are more powerful. Passwords that once took weeks to break can now be broken in hours.

    Password cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and automation that tries every possible combination of characters. Given enough time, the automated method can crack any password. However, it still can take months to crack a strong password. That is why we require the use of strong passwords that include at least three of the four character types.

    An Easily Broken Password is one that can be easily tied back to the account owner such as:

    • user name
    • social security number
    • nickname
    • relative's names
    • birth date
    Names of places (cities or countries), all numbers, all the same letter or number, keyboard patterns (qwerty, jkl;, etc.) are insecure and easily broken.

    A Strong Password is one that:

    • is at least eight characters in length
    • is not a name or dictionary word, and
    • contains at least three of the four types of characters identified above.

    Creating a Strong Password

    Combine short, unrelated words with numbers or special characters. For example: eAt42peN

    Substitute numbers or special characters for letters. (But do not just substitute) For example: "livefish" - is a bad password. "L1veF1sh" is better and satisfies the rules, but setting a pattern of 1st letter capitalized, and i's substituted by 1's can be guessed. "l!v3f1Sh" - is far better, the capitalization and substitution of characters is not predictable.

    Remembering Strong Passwords

    Make the password difficult to guess but easy to remember. Use something to help you remember it such as the title to a favorite song (We all live in a Yellow Submarine = WaliaYS!)

    You may have passwords on many different systems such as your agency's network, IA Data Warehouse, Budget Planning and Analysis System (BPAS), SWIFT, SEMA4, and Employee Self Service. Many users will choose to synchronize their password across the various systems. Even though the different systems have different requirements as listed below, it is possible to find a common denominator across all systems so that a strong password can be synchronized. For example, even if your agency's network allows users to keep their passwords for 90 days, the network probably allows more frequent changes so that users can change their passwords to conform with a thirty day requirement. Similarly, users can use a combination of Uppercase letters, Numbers and Lowercase letters to satisfy the more stringent character type requirements of other systems. Some system passwords are not case sensitive, but will allow both uppercase and lowercase letters.

    Who can I tell my password to?

    • Don't tell your password to anyone! 
    • Be wary of anyone who requests your password for any reason. 
    • If you suspect that someone knows your password, change it immediately. 
    • Don't write down your password. There are several very good, open source (free) tools that allow you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords available on the web. Of course this all depends on your department policies for downloading outside software. 
  • SWIFT Password Information

    SWIFT Password Information 

    Q: How do I change my password? 


    1. Go to 
    2. Sign in to the SWIFT Administrative Portal 
    3. In the Menu list, select My Profile. The General Profile Information page displays. 
    4. Click Change password. The Change password page displays.
    5. Enter your current password in the Current Password field. 
    6. Tab to the New Password field and enter a new password of your choosing. 
    7. Tab to the Confirm Password field and enter the new password again.
    8. Click OK. Unless you receive an error message, your password has been saved.
    9. The General Profile Information page displays.

    Q: Are there any requirements or guidelines for creating a password?

    A: Passwords: 

    • Must be at least eight characters
    • Must include at least one number
    • Must include at least one of the following special characters ! @ # $ % ^ & * ( ) - _ = + \ | ] } [ { : / ? . > < ,
    • Are case-sensitive
    • Cannot be reused for at least six password cycles. The system keeps track of your previous six passwords and prevents you from reusing them
    • Expire after 60 days
    • Additionally, we recommend the following characteristics for strong passwords:
          - It should not be your name, spouse’s name, child’s name, pet’s name, parent’s name, etc.
          - It should not be a dictionary word.
          - It should be significantly different from previously used passwords (not just incrementing a counter, for example).
    • It must contain characters from each of these four groups:
          - Upper case letters (A, B, C, …)
          - Lower case letters (a, b, c, …)
          - Numbers (1, 2, 3, …)
          - Special characters ! @ # $ % ^ & * ( ) - _ = + \ | ] } [ { : / ? . > < ,
    • You should change your password on a frequent basis.
    • Do not store passwords in readable form on your computer or in any location where unauthorized persons might discover them.
    • Do not share your password with anyone. If another person learns your password, change it immediately.

    Q: How will I know when my password is going to expire?

    A: The system will prompt you when it's time to change your password.

    Q: What if my password will be expring soon?

    A: Administrative Portal passwords expire after 60 days. Beginning 10 days before the password expires, you will see this message after you sign in: "Your password will expire in x days. Do you want to change your password now?" If you are ready to change your password, follow these steps:

    1. Click Yes
    2. The Change password page displays. Enter your current password in the Current Password field.
    3. Tab to the New Password field and enter a password of your choosing.
    4. Tab to the Confirm Password field and enter the new password again.
    5. Click OK. Unless you receive an error message, your password has been saved.
    6. The General Profile Information page displays.

    Q: What if my password has expired? Can I still sign in?

    A: Yes, but what you need to do depends on the message you receive: 

    • If you receive a message that your password is invalid, obtain a new password by selecting "Forgot Your Password?" Sign in with the new password and then change it. See Are there any requirements or guidelines for creating a password?
    • If you receive a message that your password has expired, you can still access the Administrative Portal as long as you change your password immediately by selecting "Click here to change your password."
    1. Enter your current password in the Current Password field.
    2. Tab to the New Password field and enter a password of your choosing. See Are there any requirements or guidelines for creating a password?
    3. Tab to the Confirm Password field and enter the new password again.
    4. Click Change Password. If your password change is successful, this message will display: “Your password has successfully been changed.”
    5. Click OK.

    Q: What if I remember my password but it doesn't work and the message "Your User ID and/or Password are invalid." displays?


    • Try it again, making sure you type it in correctly. It is case-sensitive, so if your password contains letters and you established it in lower case, you must sign in using lower case letters.
    • Check your user ID to ensure it is correct. You must use your employee ID which is eight digits, all numeric. Be sure to include the leading zeros.
    • Ensure that NumLock is ON on your keyboard and CapsLock is OFF (unless you normally have CapsLock ON).
    • Have only one web browser window open with one tab when you sign into the Administrative Portal.
    • Sometimes, if you have tried 2 or 3 times, it is best to close the browser and then open it and try again.
    • Clear cookies and temporary Internet files. Follow the instructions for clearing cookies and temporary Internet files.

    If your password still doesn't work, request a system-generated password. Continue with Step 1 below:

    1. Navigate to the Administrative Portal:  
    2. Click on the link that says, “Forgot Your Password?”
    3. You'll be prompted for your User ID. Enter it and click Continue.
    4. You'll be asked a question which you have previously specified, or you will be prompted for your Social Security Number. In the Response field, enter the answer (if entering your Social Security Number, do not include dashes). Click Create password.
    5. You'll be presented with a new, system-generated password. It is case-sensitive and consists of 10 characters.
    6. Write it down exactly as it appears and click OK. (See below for timesaving hint.)
    7. The Administrative Portal sign in page displays.
    8. Enter your User ID
    9. Enter the system-generated temporary password.
    10. Click Sign In. The Administrative Portal menu page displays.

    A timesaving hint: Copy and paste the new, system-generated password. In step 5, after you are presented with the new password, highlight it (only highlight the password’s 10 characters; do not highlight the space or characters following the 10th character), and with your cursor on the password, right-click and select Copy. Next, click OK. On the sign in page, after entering your user ID, right-click in the password field and select Paste. (Confirm that only 10 bullets display. If there are more than 10 bullets, delete the extra bullets to the right.) Click Sign In and the Self Service menu page displays.

    Q: When trying to sign in, I receive the message “Your Account is Locked.” What does it mean?

    A: As a security precaution, you are temporarily locked out after too many failed sign-in attempts. Contact your agency’s security administrator or the SWIFT Help Desk at (651) 201-8100, option 2.

    Q: I don't know my user ID or initial password. Who should I contact?

    A: Contact your your agency’s security administrator or the SWIFT Help Desk at (651) 201-8100, option 2.

  • SWIFT Data Warehouse/Crystal Reports Password Information

    Users must obtain a separate password to access the reports.
    Important note: This password is used only for accessing the SWIFT Data Warehouse via ODBC connections (i.e. for Crystal Reports) and does not impact a user’s security clearance for OBIEE, which is accessed via the SWIFT Administrative Portal using the user’s single sign-on password. 

    Follow these steps to obtain or change the password: 
    1. Log into the SWIFT Administrative Portal - 
    2. Click SWIFT Data Warehouse Access from the Enterprise Menu. 
    3. Click Manage Warehouse Password. This opens the page that allows you to establish (or change) the password that you’ll need to access the SWIFT Data Warehouse Crystal reports. 
    4. Create a password of your choosing and enter it in the New Password and Confirm Password fields. 
    5. Click Save. 
    6. Log out. 
    This password will expire every 60 days, and the user must change it following the same steps outlined above. Users may change their password at any time.