Password Expiration

[Nancy R Evans <nre () IUP EDU>]

Good Day,

Here at Indiana University of Pennsylvania (IUP) we have had password expiration set to 180 day since we started 
requiring authentication to our machines. That was about 4 years ago.  The expiration is what trips most of our 
students up.  No matter how often we try to educate them they always seem to get caught. One problem we have with our 
expiration is that you only know when your password has expired if you are using and on campus machine. (I have yet to 
try emails)  We have recently offered a self serve password reset to our students via their SCT Banner accounts.  Seems 
to have been accepted well.
Someone mentioned that the forced expiration is actually more of a problem, well I think I would agree.  It seems to me 
that is encourages the students to "share" account access.  Currently do not have a single sign on service.  Do those 
of you who have single sign on find that it reduces password problems?   Since I supervise our student and academic 
faculty/staff help desks I have been asked to conduct a password education process.  I am looking for some fresh ideas. 
 Could you all please share some of your ideas and success.

Thank you,

Nancy R. Evans, MIS
Coordinator of User Services
Academic Technology Services
Indiana University of Pennsylvania
(724) 357-1329
Nancy.Evans () iup edu