Staff Password Requirements

Requirement 

Technology Services will require strong passwords and enable security restrictions for Active Directory (District Wide Login) resources with the following minimum requirements:

  • Minimum number of characters (to be shared directly to staff)
  • Complexity requirements (to be shared directly to staff)
  • Maximum Password Age (to be shared directly to staff)
  • Enforce Password History (to be shared directly to staff)
  • Account Lockout after numerous invalid attempts

For help with changing your password please see http://bit.ly/60chgpass

Purpose

Password settings are to be used to set minimum requirements for strong passwords. The purpose of strong passwords is to protect organizational and student information.

Scope

This requirement will impact all staff Active Directory accounts.

Roles & Responsibilities

All staff are required to protect organizational and student information.

Requirement Owner

Technology Services

History

Enacted February 20, 2019
3rd Draft: January 22, 2019 – changed some details to “to be shared directly with staff”
2nd Draft: December 4, 2018 – changed policy to requirement
First Draft: December 3, 2018.

Enforcement

Enforcement will be handled through settings in Active Directory.

2 Replies to “Staff Password Requirements”

  1. I think the requirements are unnecessarily complex. I prefer to use the same simple password, always. Like a combination lock, or bank vault combination. Random, complex passwords will have to be written down, therefore less secure, and easily lost/misplaced.

    If you do the permutations on the requirements listed, it is a ridiculous number of possibilities.

Comments are closed.