You are here:
Passwords are a vital aspect of computer security. They are the front line of protection for user accounts. A poorly chosen password can compromise Hampshire College's data systems and services. As such, all users (including contractors and vendors with access to Hampshire College's systems) are responsible for taking the appropriate steps, outlined below, to select and secure their passwords.
The purpose of this policy is to establish standards for the creation of strong passwords, the protection of those passwords, and the frequency of change.
The scope of this policy includes users who meet any of the following criteria:
Password protection is a vital part of any security plan please observe the following standards:
Good practices to follow:
If someone demands a password, refer that person to this document or have him or her call a staff member of the information technology department.
Again, do not write passwords down and store them anywhere in your office. Password cracking or guessing may be performed on a periodic or random basis by IT or its delegates. If a password is guessed or cracked during one of these scans, the user will be required to change it.
Any employee found to have violated this policy maybe subject to disciplinary action, up to and including termination of employment.
Passwords are used for various purposes at Hampshire College. Some of the more common uses include user level accounts, web accounts, email accounts, screen saver protection, voicemail password, and local logins. Since very few systems have support for one-time tokens (i.e., dynamic passwords that are only used once), everyone should be aware of how to select strong passwords.
Poor, weak passwords have the following characteristics:
Strong passwords have the following characteristics:
Passwords should never be written down or stored online. Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be: "This May Be One Way To Remember" and the password could be: "TmB1w2R!" or "Tmb1W>r~" or some other variation.
NOTE: Do not use either of these examples as passwords!