Information Resources and Technology Procedure

Section Policy Name Policy Number
Access Control Password Complexity and Change Frequency 6.01.01

Procedure Purpose

This procedure documents the procedures for insuring suitable password complexity and change frequency that comply with regulations and audit requirements.

Policy Supported

6.01 Password Policy

Procedure Description

Valid passwords must be at least eight characters long and include a number.  Note – special characters are any non-alphabetic, non-numeric characters. We encourage their use in passwords, however, do not use a tilde (~) in your password.

Recently used passwords cannot be reused.  To conform to good security policy, avoid words that can be found in dictionaries and predictable methods for choosing a password.

Passwords must be changed every 91 days. 

All individuals will receive daily emails notifying them of the required password change beginning seven days in advance of the expiration date.

If the password is not changed in that time period, access to all Administrative computer information, email and server space will be lost. The account validation procedure is used to restore services.

Procedure Scope

This policy applies to all Bradley University computer and network users.

Date Approved Revision 1 Date Revision 2 Date Revision 3 Date Revision 4 Date Revision 5 Date
6/6/2012