University Policies

Network and System Passwords Policy

University Technology Services
University Technology Services


Purpose:
To ensure the integrity of WSU network resources from unauthorized access.

Statement:
In order to comply with state and federal guidelines (FERPA, HIPPA, and many more), Worcester State University has established a password expiration policy for the campus' network and system resources.

Users will be asked to reset their passwords every 90 days since their last password change. The advantage of timed expiration is that the password clock starts over each time a user changes his or her password.

HR will inform IT (via Helpdesk) of Employee Terminations/Job Actions/Resignations , immediately as information becomes available, and accounts will be disabled/removed as appropriate.

Users deemed to be 'secure financial/data users' must use complex password creation based on current best practice strategies available.

Additional Information:

  • The timed expiration policy will apply to both WSU network passwords (which are used to login to computers, access email, the Community System, VPN, etc.) and Colleague. After 8 failed attempts (4 on Community System/Blackboard) at logging in with a password, user will need to wait 30 minutes before reattempting login.
  • When a user's password expires, he/she will see a simple dialogue box when attempting to login to a system. This dialogue box enables the user to quickly change his/her password.
  • Users can change their passwords at anytime by visiting the password reset application, which is available on the Community System's initial login page.
  • Effective Policy Change: (ACL) accounts: March 1, 2008. FacStaff accounts: February 15, 2008.
  • Note: Strong password requirement implemented November 17, 2008 for all users of WSU resources.
2008-02-01
2012-09-27