Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Password aging

From: "Monday, Kathy" <kmonday () RICHMOND EDU>
Date: Thu, 8 Jan 2004 17:21:57 -0500
The University of Richmond has a password aging policy that requires users
to change their password twice a year, once during the fall and once during
the spring semester.   Email notifications are automatically sent to remind
individuals when it is time to change their password.  We divide the
population up into groups by account name and schedule their expiration
dates throughout the semester - avoiding the starting and ending weeks and
some key dates.   Requiring people to change passwords is not popular but is
grudgingly accepted.   We provide examples/suggestions on how to set strong
passwords that are more "easily" remembered and warn individuals against
writing them down.



http://oncampus.richmond.edu/is/policy/password_aging_policy.htm
<http://oncampus.richmond.edu/is/policy/password_aging_policy.htm>



We also have programs in place that enforce strong passwords.



Kathy Monday

University of Richmond



-----Original Message-----
From: Seruya, Stewart [mailto:stewart () MIAMI EDU]
Sent: Wednesday, January 07, 2004 7:29 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Password aging



I'm trying to get a sense on how many have a university-wide Password
policy.  Second, do any have a password aging rule?

Your input is appreciated.

Stewart Seruya

University of Miami

********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: