How to Secure Computer Account Password Selection Standards Procedure
The University of North Carolina at Greensboro
Policy Reference: Security of Networks and Networked Data
Approved: November 30, 2006
Document Maintainer: Information Technology Manager, ITS - Service Operations and Support
Purpose
This procedure addresses the following sections of the related policy:
Section III.B.i
"Passwords are an important aspect of computer security. Passwords represent the front line of protection for all user accounts. A poorly chosen password may compromise UNCG's entire network.
- System or user-level passwords must be changed on the currently recommended standard periodic basis.
- Passwords must be kept secure, and sharing of accounts is prohibited. Authorized users are responsible for the security of all assigned account and equipment activity and should follow security procedures determined by ITS standards.
- User accounts that have system-level privileges through some form of group membership, or other implementation, must have a unique password from other accounts held by that user.
- Passwords must not be inserted into email messages or any other form of electronic communication.
- All manufacturer default passwords must be changed before network connection. The use of ITS enterprise authentication services is required."
Application of this procedure would mitigate risks associated with password practices.
Scope
This procedure covers all users of the University network.
Responsible Parties
- Faculty and Staff
- Students
Procedure
When choosing passwords for University accounts, users should consider Account Password Tips.