Information Resources and Technology Procedure
| Section |
Procedure Name |
Procedure Number |
| Access Control |
Password Complexity and Change Frequency |
6.01.01 |
Procedure Purpose
This procedure documents the procedures for insuring suitable password complexity and change frequency that comply with regulations and audit requirements.
Policy Supported
6.01 Password Policy
Procedure Description
Valid passwords must be at least eight characters long and include a number. Note – special characters are any non-alphabetic, non-numeric characters. We encourage their use in passwords, however, do not use a tilde (~) in your password.
Recently used passwords cannot be reused. To conform to good security policy, avoid words that can be found in dictionaries and predictable methods for choosing a password.
Passwords must be changed every 91 days.
All individuals will receive daily emails notifying them of the required password change beginning seven days in advance of the expiration date.
If the password is not changed in that time period, access to all Administrative computer information, email and server space will be lost. The account validation procedure is used to restore services.
Procedure Scope
This policy applies to all Bradley University computer and network users.
| Date Approved |
Revision 1 Date |
Revision 2 Date |
Revision 3 Date |
Revision 4 Date |
Revision 5 Date |
| 6/6/12 |
|
|
|
|
|
maintained by S. Renken
|