Password Management and Guidelines
Network and Application Passwords
Your USER ID/PASSWORD is used to verify your identity, therefore acting as a unique key to system security. The following guidelines should be followed when utilizing your USER ID/PASSWORD:
- Make certain that no one can impersonate you (i.e., provide photo id when necessary, do not share user ids, birth dates, Social Security Number, etc.).
- Do not disclose your password to anyone, or allow anyone to observe your password as you enter it during the sign-on process.
- When selecting a password avoid passwords with any personal associations, or ones that are simple and short.
- Your password must be 8 - 15 characters in length and should follow the following guidelines:
- Characters should include:
- Letters (a, b, c, A, B, C, etc).
- Numbers (1, 2, 3, etc.).
- At least one special character.
- Numbers and special characters should not be the first or last character in the password.
- Contain no more than two consecutive repeating characters; for example: (mm, 44, etc.).
- In addition, to further ensure the security of passwords you will be required to change your password every 90 days. If your password is not changed within this time your account will be locked.
After you have logged on, the network will attribute all activity to your user id. Therefore, never leave your workstation without either locking your machine or logging off the network - even for a few minutes. In addition, you may make use of the Windows standard screen savers by requiring a password to regain access to your workstation. If you need assistance with turning this Windows feature on you may contact University Technology Services HelpDesk at (248) 370-HELP (4357).
Shared UserID/Password Group Accounts
In some special cases, shared or group accounts are required. These special circumstances require the advance approval of the Security Administrator in University Technology Services. Every effort will be made to define a process that requires each individual to log in under a private individual logon. If a process cannot be defined, a group account will be created. Individuals sharing the group account should only do work assigned to the group while logged in under the group account. Group account access will be limited to just the work that the group account was created for. Individuals in the group will also have individual accounts, and those accounts should be used whenever possible. To maintain a secure environment it is imperative that when a member of a SHARED USERID/PASSWORD GROUP ACCOUNT leaves Oakland University that the following steps be taken:
- Change the password to the shared account immediately after the employee/faculty member has left the university.
- Notify University Technology Services Helpdesk at (248) 370-HELP (4357) of this change.
- When creating the new password please follow the same guidelines outlined in the above section.
If you need assistance or have questions regarding this procedure please contact the University Technology Services HelpDesk at (248) 370-HELP (4357).