Sections
ITS Home Button
Students Button
Faculty & Staff Button
Help & FAQ button
Merlin Button
Webmail Button
Online Course Resources Button
Policies & Procedures Button
NCC Homepage Button
About ITS Button
Comments Button

Google

 

  

Thursday, October 30, 2008 : :

ITS Update: New Password Policy

New Password Policy:

Based on recommendations by our auditor and the SANS Institute, North Central is implementing a new Network/Email/Merlin/BlackBoard password policy that requires a password to be at least 8 characters including a number. Further, all network passwords must be changed every 120 days, with the exception of Datatel passwords which must be changed every 90 days.  Passwords can be re-used after one year. 

This policy is effective November 4, 2008.

How to Change Your Password

If your current password conforms to the new requirements, you will not have to change it until 120 days from now.  If your current password does not meet the new requirements, when you log in to the system you will be prompted to change your password however, there will be ten grace log-ins permitted before the password must be changed.

On-Campus

Press Control-Alt-Delete and select 'Change Password' then follow the on screen prompts.

Off-Campus

Log into Web mail https://www.noctrl.edu/mail with your current password. In the upper right hand corner select 'Options'. From the menu bar on the top select 'Password' and follow the instructions.

BlackBoard

Log into BlackBoard with your current password.  Access 'Personal Information.' Click on 'Change Password' and follow the instructions.

If you do not change your password during the 10 log-in grace period then you will need to go to 'Resources for Faculty and Staff' on the North Central College Home page.  Under 'On-line Resources' click on 'Reset Password' and follow the instructions.

Rationale:

Passwords are important aspects of computer security.  They are the front line of protection for user accounts.  A poorly chosen password may result in the compromise of North Central College's entire network.  As such, all North Central College faculty, staff and students with access to technology systems are responsible for taking appropriate steps to select, change and secure passwords.

 

Strong passwords are just part of the defense against security risks.  The frequency of change of passwords is as important. The SANs Institute, the bible for college and university security, recommends that general user passwords be changed every four months or 120 days. In addition, our auditors, Grant Thornton recommended that the College engage Berbee Security Services to perform a network security assessment.  Despite our strong password policy, Berbee identified weak passwords and lack of change of those passwords as a primary concerns for a technology system compromise.

 

A sampling of 28 small private colleges, including the CCIW and ANAC colleges, found that all of them required a password to be changed from anywhere from 60 to 180 days.  The most often used interval for password changes was 90 days, the same interval that we use for Datatel password changes.  The only way to insure effective institution-wide information security is to be certain that all system users follow basic and sound information security practices. 

 
ITS Home | Students | Faculty & Staff | Help & FAQ's | Merlin | Webmail | Course Resources | Policies & Standards| About ITS | NCC Homepage | Contact Us

Comments about this Web site should be sent to: kawilder@noctrl.edu
This file was last updated: Friday, 31-Oct-2008 08:31:12 CDT