Effective password management is the most central single element in assuring the overall security of Longwood's information technology (IT) resources and systems and the protection of University data. The purpose of this policy is to ensure that all users are aware of their responsibilities in effective password management and to ensure that appropriate password standards are applied to all University IT systems.
This policy applies to all IT systems whether connected to the network or standalone, hosted internally or externally or administered by Information and Instructional Technology Services (IITS) or another department.
Password Management: Password management is the selection, distribution, use, modification and testing of computer system passwords.
All who participate in the use and administration of Longwood's IT resources and systems share responsibility for effective password management. Specific responsibilities are assigned as follows:
Responsibility to Report Compromise: All users are required to immediately contact the Help Desk and change their password if at any time they suspect their password has been compromised.
The Chief Information Officer of Longwood University must approve exceptions to or exemptions from any provision of this policy or the Minimum Password Standards in writing.
The University regards any violation of this policy as a serious offense. Violators of this policy are subject to disciplinary action, in addition to possible cancellation of IT resources and systems access privileges. Users of IT resources and systems at Longwood are subject to all applicable local, state and federal statutes. This policy does not preclude prosecution of criminal and civil cases under relevant local, state, federal and international laws and regulations.
Approved by the Board of Visitors, September 7, 2002.
Revised and approved by the Board of Visitors, December 5, 2008.