NetID Password Policy
The KSC password change policy* for faculty and staff helps to establish strong IT Security practices on campus. Passwords are a first line of defense for protecting the computing infrastructure because all network accounts, applications and systems are vulnerable to attack and misuse when passwords are compromised. Individuals who practice strong security habits, such as locking office doors and unattended workstations, also help to limit the exposure of malicious activity initiated by password compromise.
The password policy contains the following requirements:
- Faculty and staff must change their password every 120 days.
- Complex passwords must be used. Complex passwords follow the following standards:
- Contain at least 8 characters
- Contain characters from three of the following categories:
- English lower case a-z
- English Upper case A-Z
- Numbers 0-9
- Special characters, e.g. $#@!%^&()+-
- DO NOT contain any portion of the faculty or staff's username
- PC users receive an automated reminder to change a password 18 days before it actually expires.
- Faculty and staff must cycle through 8 unique passwords before they are allowed to reuse the first one.
* CITC approved the password change policy in April of 2004.