Information Resources and Technology Procedure
|Section||Policy Name||Policy Number|
|Access Control||Password Complexity and Change Frequency||6.01.01|
This procedure documents the procedures for insuring suitable password complexity and change frequency that comply with regulations and audit requirements.
6.01 Password Policy
Valid passwords must be at least eight characters long and include a number. Note – special characters are any non-alphabetic, non-numeric characters. We encourage their use in passwords, however, do not use a tilde (~) in your password.
Recently used passwords cannot be reused. To conform to good security policy, avoid words that can be found in dictionaries and predictable methods for choosing a password.
Passwords must be changed every 91 days.
All individuals will receive daily emails notifying them of the required password change beginning seven days in advance of the expiration date.
If the password is not changed in that time period, access to all Administrative computer information, email and server space will be lost. The account validation procedure is used to restore services.
This policy applies to all Bradley University computer and network users.
|Date Approved||Revision 1 Date||Revision 2 Date||Revision 3 Date||Revision 4 Date||Revision 5 Date|