- LancerNet passwords must:
- be at least 15 characters.
- meet at least 3 out of the 4 requirements for quality:
- at least (1) lower case letter
- at least (1) upper case letter
- at least (1) number
- at least (1) special character (?, *, %, etc.)
- be changed, at a minimum, every 120 days.
- be unique:
- Users should create a different username and password for external services such as personal e-mail, banks, music services, stores, personally owned computers or other systems.
- Users should not repeat previous passwords and accordingly an encrypted record of previously used passwords will be maintained.
- LancerNet passwords must not:
- be known or used by others.
- Users must never provide their password to anyone.
- Users must log off of applications when done using them.
- Users must secure workstations when they are away from them. Devices will be subject to lockouts for inactivity.
- Users must never use the "Remember Password" feature of any applications.
- be all or part of your LancerNetID
- be all or part of the IT system's name
- be blank
- be based on a single dictionary word
- contain more than (2) repetitive characters (e.g., Mmmmmmm1, Ab7777777, etc.)
- be based on a simple keyboard combination (e.g., Qwerty)
Note: Users must report suspected password compromises.
- Users must contact the Help Desk if they believe someone has obtained their password.
- Users must change their password if they suspect it has been compromised.
Approved by the Chief Information Officer, December 2, 2008.