Last Updated:2:27 AM EST 5/5/08 Section: News

Required password changes will be coming in Oct. 2008 to ensure security.

In an effort to increase online security with campus e-mails, the Office of Information Technology (OIT) announced, last week, a new security measure involving network and e-mail passwords.

In a campus-wide e-mail on April 11, OIT asked individuals to begin using the new password policy by changing network passwords before April 22. One feature of the policy is that passwords have to be changed every 90 days and have to follow a series of requirements including having to be at least eight characters long.

Following concerns, OIT sent a campus-wide response on April 17. New guidelines were then set, including changing passwords twice a year rather than every 90 days and the new procedures will begin on July 1. Password changes will now have to be made in 180 days, in late October.

In response to negative feedback about the new security changes, OIT countered in a public e-mail stating, "When considering an issue like this, SJFC must weigh the inconvenience against the benefits. SJFC's overriding concern is with the security of personal information and college information systems. Information technology security risks continue to increase, so the value of this policy will increase correspondingly over time."

The changes brought some concern from faculty members.

"I think that people are much more willing to go along with change of any kind when two criteria are met," associate professor of Education Jeff Liles said. "When they are included in discussions and decision making regarding changes that will affect them, and second they are educated about the changes."

Recently OIT had two security tests to see if an outside source could penetrate the system, both of which were able get past the current structure.

"When OIT issued the same new password requirements to access the Banner system, I grumbled but went along, because there is, clearly, actual confidential information stored there," English professor Bill Waddell said. "But I can't keep up with my Banner password without writing it down, and as several of my colleagues have already observed, that defeats the purpose."

Password Requirements:

Passwords must be at least eight characters long.
Passwords must contain characters from at least three of the following four categories: Uppercase letters, lowercase letters, numeric digits, non-alphanumeric symbols.
Password cannot contain three or more consecutive characters from user's account name.

Page 1 of 1

Article Tools