Skip to main content

Policies

Go Search
Home
  
Policies > Wiki Pages > Network and System Passwords  

Network and System Passwords

Purpose:

To ensure the integrity of WSU network resources from unauthorized access. 

 

Statement:

In order to comply with state and federal guidelines (FERPA, HIPPA, and many more), Worcester State University has established a password expiration policy for the campus' network and system resources. 

 

Description:

Users will be asked to reset their passwords every 90 days since their last password change.  The advantage of timed expiration is that the password clock starts over each time a user changes his or her password.
 
HR will inform IT (via Helpdesk) of Employee Terminations/Job Actions/Resignations , immediately as information becomes available, and accounts will be disabled/removed as appropriate.
 
Users deemed to be 'secure financial/data users' must use complex password creation based on current best practice strategies available.

 

Additional Information:

  • The timed expiration policy will apply to both WSU network passwords (which are used to login to computers, access email, the Community System, VPN, etc.) and Colleague.    After 8 failed attempts (4 on Community System/Blackboard) at logging in with a password, user will need to wait 30 minutes before reattempting login.
  • When a user's password expires, he/she will see a simple dialogue box when attempting to login to a system. This dialogue box enables the user to quickly change his/her password.
  • Users can change their passwords at anytime by visiting the password reset application, which is available on the  Community System's initial login page.
  • Effective Policy Change: (ACL) accounts: March 1, 2008.  FacStaff accounts: February 15, 2008.
  • Note: Strong password requirement implemented November 17, 2008 for all users of WSU resources.

 

 

Approved By: Managers and CIO

Date of Origination: 2.1.2008

Revised: 9.27.2012

 

Last modified at 10/19/2012 9:54 AM  by Ramsdell, Nancy