Personal tools
Navigation
Toolbox

Guidelines for Setting and Protecting Your Password

From Appalachian State University Policy Manual

Revision as of 15:11, 4 October 2011 by Deaskc (Talk | contribs)

Jump to: navigation, search

Policy 903

Contents

1 Introduction

2 Scope

3 Definitions

4 Policy and Procedure Statements

4.1 Secure Passwords

Secure Passwords are a critical part of protecting email and confidential information. All Students, Faculty and Staff are required to change their Account Password every Ninety (90) Days. For security reasons, the North Carolina State Electronic Systems Audit recommends this process cycle.

4.1.1 System Requirements

  1. The Account Password must be at least eight (8) characters in length with a maximum of twelve (12) characters.
  2. Use a combination of letters and numbers, a least one numerical value is required.

4.1.2 Selecting Passwords

  1. Choose passwords that are easy to remember but are difficult for an attacker to guess.
  2. Never set a password that is derived from your Username or legal name.
  3. Avoid using dictionary words, including foreign language, slang, jargon and proper names.
  4. Do not use passwords that contain common words or phrases associated with Appalachian.

4.1.3 Guidelines for Protecting Passwords

  1. Treat all passwords as confidential data.
  2. Do not include secure passwords in any unprotected electronic communication.
  3. Secure Passwords should not be shared or used to access non university accounts or systems.
  4. Do not write down your password or share it with another user.

5 Additional References

6 Authority

7 Contact Information

8 Effective Date

9 Revision Dates