Re: Student Passwords

["Gallese, Brady T." <gallese () SUSQU EDU>]

Here's our password policy for all users:

At least 8 characters
Must have capital letter
Must have # or symbol
Can't use last 20 passwords
Expires every 180 days
Students can unlock and reset password by themselves using our password reset utility (PeoplePassword)
Employees will soon also be enrolled in self password reset system

Students are on Gmail, with separate passwords meeting the criteria that Google enforces.


________________________________
Brady Gallese ‘07
Technical Services Helpdesk Engineer
Office of Information Technology
Susquehanna University
514 University Avenue
Selinsgrove, PA 17870-1164
570.372.4470
gallese () susqu edu<applewebdata://5BD5F98F-7401-4C6B-B009-FB2AB94B6195/gallese () susqu edu>


On Dec 6, 2011, at 11:51 PM, SCHALIP, MICHAEL wrote:

We'd really like to refresh this discussion as well.....15 characters - no complexity - change every 128 days - last 5 
passwords are retained....

What are others doing?  Is everyone else still at 6-8 characters?

Thanks....



________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>] On Behalf Of Daniel Bennett [dbennett () PCT EDU<mailto:dbennett () PCT EDU>]
Sent: Tuesday, December 06, 2011 9:40 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Student Passwords

This has gone around a few times in the past but I am looking for fresh results.

What is your stance on student passwords?  Do you make them change their password every X number of days?  Complexity 
rules? Etc.

Thanks.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.