Password Security
One of the single most effective security measures a computer user can take is to follow good password management practices. Following these practices is covered by the Library's Departmental Policy on Electronic Communications, and LMC approved Internal Audit's recommendation to enforce these requirements at their August 11, 2003 meeting.
For help changing your password see: How do I change my password?.
Good password practices include (requirements are in blue):
- Creating and using strong passwords
- passwords contain at least 6 characters (required: a minimum of 6 characters)
- passwords that contain upper and lower case, numbers and special characters (required: must contain at least one number, at least one special or punctation character, and at least 2 alpha characters)
- NOTE: special or punctuation characters include the following:
- ~ ! @ # $ % ^ & * ( ) _ - + =
- click here for more information about strong passwords
- NOTE: special or punctuation characters include the following:
- Changing passwords on a regular basis
- recommend changing at least every 90 days (required: change every 90 days)
- Not re-using passwords (required: new password cannot contain 80% of old password)
- Not using the same password for multiple accounts or services
- (required: e-password, Novell network password and Acorn Workflows password must each be different)
- Not sharing passwords with other users
While most of us will have no problem following these practices, many of us have more than a few credential sets to manage. We have provided some suggestions for managing and remembering multiple credential sets. Click here for some suggestions.
Library staff should make sure to follow these guidelines with ALL their accounts, especially for the Heard Library network account, their Acorn staff (Workflows) account, and their VUNet e-password. LITS enabled password strength checks for network passwords in November of 2003.