Re: Password change *recommended* -- RESULTS?

[Thomas Carter <tcarter () AUSTINCOLLEGE EDU>]

We made a change in our security polices and have told the campus they must change their password. After 2 weeks of 
communications in every form imaginable (even including door hangers in residential halls), roughly 50%-60% of faculty 
and staff have changed their password and roughly 20% of students have. We've decided to give a deadline; if the 
password hasn't been changed by that date, the "must change at next logon" gets set (this hasn't been communicated yet, 
so the slackers aren't relying on it).

Thomas Carter
Network and Operations Manager
Austin College
903-813-2564
[cid:image001.gif@01CF594F.C93D25F0]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Pedersen, Krystal
Sent: Wednesday, April 16, 2014 7:04 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Password change *recommended* -- RESULTS?

Hello Everyone - I was looking to get an idea as to how successful a recommended password change broadcast is (to the 
entire school population)? Perhaps a percentage, such as -- last time we sent a broadcast out recommended a password 
change, with instructions on how to change your password, less than 1% of passwords were actually changed?

Thanks!

Krystal Pedersen, CISA
Information 
Technology<https://urldefense.proofpoint.com/v1/url?u=http://inside.umassmed.edu/is/index.aspx&k=7DHVT22D9IhC0F3WohFMBA%3D%3D%0A&r=yppbvsV1vRTy%2FrjhLIIxm488RCwdY6q%2B9kaVJLSs%2B%2F0%3D%0A&m=M0WPXM8WrKwGbFd8oCBlstB1ckWBl0wXQ%2B4WngB%2FfH0%3D%0A&s=dbbfe12deb7632da7b053719b501faef3512d1fe7d939921e7e7024470785a0e>
Information Security, Risk & Compliance Analyst
krystal.pedersen () umassmed edu<mailto:krystal.pedersen () umassmed edu>