Main Nav

Hi
 
How often do you force password changes at your institutions for central credentials?  Do you have different policies for different groups?  Are they enforced by technology or just "suggested best practices"?
 
Louis Aponte
Weber State University
Ogden, Utah
Desktop Security

Comments

Message from r-safian@northwestern.edu

Enforced, everyone is the same, once per year.

 

Message from mclaugkl@ucmail.uc.edu

We do 180 days as we could not get 90 days vetted.  We know that PCI requires 90 but feel that we have adequate additional controls in place to justify 180.

 

- Kevin

 

 

Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP

Chief Information Security Officer (CISO) and Assistant Vice President

Administration and Finance

University of Cincinnati

 

513-556-9177

TEWG-Region 6 TLO

 

The University of Cincinnati is one of America's top public research institutions and the region's largest employer, with a student population of more than 41,000.

 

 

How often – 90 days

different policies for different groups - No

enforced by technology - Yes

 

___________________________________

Daniel V. O'Callaghan, Jr., MBA, CISSP

Chief Information Security Officer

Sinclair Community College

444 W Third St, 13-000B

Dayton, OH 45402

937.512.2452

 

 

 

At Creighton we force complex password and allow them to live for 180 days. Bryan McLaughlin ISO Creighton University
Message from aaron@westfield.ma.edu

We have a 90 day password life enforced by AD GPO.  The GPO is applied to everyone on campus.

Aaron

Aaron Childs, CCNA

Associate Director, Networking

Information Technology

www.westfield.ma.edu/it

Please Note: new e-mail address - aaron@westfield.ma.edu

 

Hi Louis,

There are several password policies listed here http://www.educause.edu/Resources/Browse/Password%20Policies/33329 that discuss expiration length etc. See the “Policies” tab to view all the password policies.

Please let me know if you have any questions, thank you.

Colleen Keller
Electronic Resources Librarian
EDUCAUSE - Uncommon Thinking for the Common Good

4772 Walnut Street, Suite 206
Boulder, CO 80301-2538

At Columbia College:

Complex password without repeats

Faculty and Staff: 90 days

Students: As needed (forgot, so a password reset is initiated)

Different groups: Yes

Enforcement by technology.  Several warnings are sent, then the password will no longer work after the expiration date.  User may reset via self-service.

Kev

Kevin Palmer

CIO – Columbia College

 

Close
Close


Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.