Main Nav

How often do you force password changes at your institutions for central credentials?  Do you have different policies for different groups?  Are they enforced by technology or just "suggested best practices"?
Louis Aponte
Weber State University
Ogden, Utah
Desktop Security


Message from

Enforced, everyone is the same, once per year.


Message from

We do 180 days as we could not get 90 days vetted.  We know that PCI requires 90 but feel that we have adequate additional controls in place to justify 180.


- Kevin




Chief Information Security Officer (CISO) and Assistant Vice President

Administration and Finance

University of Cincinnati



TEWG-Region 6 TLO


The University of Cincinnati is one of America's top public research institutions and the region's largest employer, with a student population of more than 41,000.



How often – 90 days

different policies for different groups - No

enforced by technology - Yes



Daniel V. O'Callaghan, Jr., MBA, CISSP

Chief Information Security Officer

Sinclair Community College

444 W Third St, 13-000B

Dayton, OH 45402





At Creighton we force complex password and allow them to live for 180 days. Bryan McLaughlin ISO Creighton University
Message from

We have a 90 day password life enforced by AD GPO.  The GPO is applied to everyone on campus.


Aaron Childs, CCNA

Associate Director, Networking

Information Technology

Please Note: new e-mail address -


Hi Louis,

There are several password policies listed here that discuss expiration length etc. See the “Policies” tab to view all the password policies.

Please let me know if you have any questions, thank you.

Colleen Keller
Electronic Resources Librarian
EDUCAUSE - Uncommon Thinking for the Common Good

4772 Walnut Street, Suite 206
Boulder, CO 80301-2538

At Columbia College:

Complex password without repeats

Faculty and Staff: 90 days

Students: As needed (forgot, so a password reset is initiated)

Different groups: Yes

Enforcement by technology.  Several warnings are sent, then the password will no longer work after the expiration date.  User may reset via self-service.


Kevin Palmer

CIO – Columbia College



Annual Conference

October 27–30
Save the Date

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


Digital Badges
Member recognition effort
Earn yours >

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2015 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.