September 18, 2014

New password/passphrase standard in effect

A new password/passphrase standard that represents a more formal requirement is now in effect for all faculty, staff and students.  The new standard supersedes the network ID password/passphrase guidelines from April 2013.

The new standard is driven in large part by recent audit review as well as the desire to strengthen the construction and use of passwords/passphrases by campus constituents.  Systems affected include Network ID, SalukiNet, SIS/Banner, and AIS.  Highlights of the new standard, which will take effect with any password/passphrase reset or account creation, include:

  • System-level passwords/passphrases must be changed every 180 days rather than every 365 days.
  • Passwords/passphrases, including those for Network ID, SalukiNet, SIS/Banner, and AIS  must include at least one special character: ?.][{}-!*+_~
  • A clarification of acceptable and unacceptable passwords/passphrases.
  • Additional requirements for password/passphrase protection and application administration.

Authority for this standard is granted by the SIU Board of Trustees policy, SIU System Information Security Plan, and the SIU Carbondale Information Security Program, or ISP.

The new password/passphrase standard can be found here.  Direct any questions to the information security team at security@siu.edu.  The responsibility for security rests with all of us.  Security of information and systems can only be successful with the cooperation and support of each SIU Carbondale faculty, staff, and student.  Please join us in that effort.