Why are Strong Passwords Important?
Passwords are used to control access to North Central College systems, networks, applications, accounts, and data. A compromised password puts a user's email and files at risk, and may expose sensitive, confidential personal information residing on College information systems. All users are responsible for taking the appropriate steps to select and secure their passwords.
Policy for Protecting Your Passwords
You are responsible for the security of your passwords, and accountable for any misuse if they are guessed, disclosed, or compromised.
- All passwords are to be treated as sensitive, confidential personal information.
- Do not share your passwords with anyone.
- Do not use your College password for any other account or service.
- Avoid storing passwords within applications or using the "Remember Password" feature. These features typically do not adequately protect passwords, and it may be possible for a computer virus or unauthorized user to gain access to this information.
- Do not write passwords down or store them anywhere in your office. Do not store passwords in a file on any computer system.
- Do not reveal a password over the phone to anyone.
- Do not reveal a password in an email message.
- Do not talk about a password.
- Do not hint about the format of a password.
- Do not reveal a password on questionnaires or security forms.
- Before entering your password, make sure that no one is watching you, to avoid the so-called "shoulder surfing" technique.
If someone demands a password, refer them to this document or have them call Information Technology Services.
Guidelines for Selecting Strong Passwords
One method of cracking passwords is by using dictionary files to generate lists of passwords. Choosing passwords that are easy to remember but hard for an attacker to guess will significantly improve the security of your computer and the College's data.
Strong passwords have the following characteristics:
- Are at least eight characters in length
- Contain at least one alphabetic character
- Contain at least one numeric character
- Contain at least one punctuation or symbol character
When selecting a password it is important to avoid:
- dictionary words. This includes foreign language, slang, dialect, jargon, and proper names.
- words that are associated with North Central College, such as NCC, Cardinals, and Methodist.
- common misspellings and substitutions like replacing an "e" with a "6" or an "i" with a "1", such as h07d0G
- personal information, names of family, pets, friends, fantasy characters, birthdays, addresses, userid, etc.
- computer terms or names, commands, sites, companies, hardware or software.
- words or number patterns, or anything spelled backwords.
For systems and applications that have a maximum password length less than eight characters, the maximum length should be set as the minimum accepted password length.
Password Security
If a College account or password is suspected to have been compromised, report the incident to the Information Technology Services Help
Reviewed: 5/10/16