Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password aging

From: Jane Drews <jane-drews () UIOWA EDU>
Date: Thu, 8 Jan 2004 10:11:37 -0600
We've had a password policy in place for a couple years which recommends
password changes at least twice in a calendar year, along with other
requirements (no clear text passwords, etc).  We now have a project underway
for our Enterprise Authentication Service to implement stronger password
controls, including password aging for all (instead of some) accounts.
Because EAS services a variety of critical apps (student, medical, HR, etc),
we've had to consider audit as well as regulatory compliance issues.



Jane Drews

IT Security Officer

The University of Iowa



  _____

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Seruya, Stewart
Sent: Wednesday, January 07, 2004 6:29 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Password aging



I'm trying to get a sense on how many have a university-wide Password
policy.  Second, do any have a password aging rule?

Your input is appreciated.

Stewart Seruya

University of Miami

********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: