Southern Arkansas University (SAU) relies on the use of University provided credentials (username and password) to provide access authentication to information technology resources. Passwords, the secret portion of the credentials, are a critical part of computer security forming the front line of protection for user accounts. In today’s environment when passwords have never been weaker and crackers have never been stronger, the need for a strong password is greater than ever. A compromise of these authentication credentials can impact the confidentiality, integrity, and availability of IT systems and user information.
Rules for Building a Strong Password:
- Passwords are required to be 8 to 32 characters composed of a combination of alphabetic (upper and lower characters), numeric, and special characters that does not match previous passwords.
- Passwords cannot contain the user’s username nor any part of the user’s full name
- Passwords will not expire unless there is a reason to have them reset such as suspicion or evidence of a compromise.
- Users with direct access to SAU’s ERP system via Skylite, a second set of credentials are required with password expiration every 90 days.
- Initial default passwords established by ITS at account creation are temporary and are to be changed promptly.