Re: Password Policies for today's knowledge worker

[Mike Chapple <mchapple () ND EDU>]

Neal,

We recently removed our password expiration requirement in conjunction with
the rollout of two-factor authentication.  The change had the double
benefit of improving our overall security (with two-factor) and generating
quite a bit of goodwill on campus.

Best regards,
Mike


*Mike Chapple, Ph.D.*Senior Director for IT Service Delivery
Concurrent Assistant Professor, Computing & Digital Technologies
University of Notre Dame
236 IT Center  *| * Notre Dame, IN 46556
*P:* 574-631-5863  *|*  *M: *574-274-0151
mchapple () nd edu
Twitter: @mchapple <http://twitter.com/mchapple>


On Tue, Feb 9, 2016 at 7:17 PM, Fisch, Neal <Neal.Fisch () csuci edu> wrote:

> Good afternoon everyone,
>
>
>
> In today’s world of knowledge workers having a multitude of devices used
> for accessing their work data, I would like know how strict you feel
> password policies should be to be able to accommodate this plethora of
> devices, accommodate a seamless password change process, and still be
> secure.  Items of particular interest are password/access controls
> specifically in regards to acceptable timeframes for password resets and
> number of failed login attempts.
>
>
>
> Thanks all!
>
>
>
> Neal
>
>
>
> Neal Fisch
>
> Director, Enterprise Services and Security
>
> Information Security Officer
>
> Division of Technology & Communication
>
> California State University Channel Islands
>
> One University Drive, Camarillo CA 93012
>
> Solano Hall – Room 2178
>
>
>
> Email:  neal.fisch () csuci edu
>
> Voice:  805-437-3278 *|* Mobile:  805-443-6529 *|* Fax:  805-437-3377
>
> [image: EXT_IS]