Educause Security Discussion mailing list archives
Re: NIST guidelines for passwords
From: randy <marchany () VT EDU>
Date: Wed, 14 Mar 2018 09:51:57 -0400
We adapted their guidelines. See the attached diagram which defines our rules. It's a variant of the Stanford password rules as well. -Randy Marchany VA Tech IT Security Office and Lab On Tue, Mar 13, 2018 at 5:00 PM, Thomas Dugas <dugast () duq edu> wrote:
Chad, We have not. Mainly because our auditors are still following the ISACA guidance that hasn't recognized the new NIST guidelines yet. We plan to keep working on them though and hopefully they update their guidelines as well. Tom Dugas Director, Information Security/New Initiatives Duquesne University -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chad Miller Sent: Tuesday, March 13, 2018 3:29 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] NIST guidelines for passwords Good afternoon, I'm wondering if other schools have implemented the "new" NIST guidelines for passwords? If you have, how were the new guidelines received by faculty/staff? Do you have an associated policy that you would be willing to share? Thanks! Chad Miller CIO UNWSP
Current thread:
- NIST guidelines for passwords Chad Miller (Mar 13)
- Re: NIST guidelines for passwords Thomas Dugas (Mar 13)
- Re: NIST guidelines for passwords randy (Mar 14)
- Re: NIST guidelines for passwords Thomas Dugas (Mar 13)