Passwords - Employees
Office of Origin: Information Technologies
Date Adopted: 08-25-09
Date Reviewed: 07-01-14, 06-28-18
Last Date Modified & Approved: 09-25-18
In an effort to prevent unauthorized user access to institutional data and resources, Lake Michigan College (the College) has established standards for management of passwords. Password controls are a critical component for managing computer and data security.
As such, all College employees and contractors with access to College Information Technology (IT) assets and/or who have any form of access to systems that resides at any College facility, that are attached to any College network, or to a cloud based system that hosts College data are responsible for taking appropriate measures to safeguard access to IT assets and systems and to proactively manage passwords to prevent authorized access. Towards that end:
- All employee or contractor users with access to financial applications within Banner, student records applications within Banner, and/or IT administrative services must use passwords that are at least 10 characters long and that contain at least 1 number, 1 special character, and 1 upper- and 1 lowercase character. The password cannot contain the user’s first or last name. A password change is required every 180 days.
- All other employee or contractor users must use passwords that are at least 8 characters long and that contain at least 1 number, 1 special character, and 1 upper- and 1 lowercase character. The password cannot contain the user’s first or last name. A password change is required every 365 days.
- Passwords may not be included in email messages or other forms of communication.
- Passwords may not be shared with other individuals or posted where accessible in a public accessible format.
Responsibility: Chief Information Officer
References: Acceptable Use Policy