Passwords are access keys, help to prove you are who you say you are, and help to ensure your privacy. Compromised passwords provide access to systems for unauthorized personnel. For that reason, SUNY Fredonia computer users are encouraged to create and use strong passwords using the guidelines below:
- Initial password is randomly made and displayed for each user in the secured "Your Connection" web interface. This interface is secured with a PIN that is specific to each new user.
- Your Connection PIN change is forced after initial login. User may change initial password if desired following the guidelines below.
- Use at least eight characters whenever possible.
- NOT ALLOWED to use any portion of user's first name, last name, or user ID.
- A mixture of three of the following is required: English upper case characters, English lower case characters, base 10 digits (0-9), special characters (!,$,#,%).
- Make password easy to remember but difficult for someone to guess. Do not reveal yourself in making a password. Do not use a social security number, birth dates, address or phone numbers. Using a "pass phrase" is a good way to develop a password. This example of using the pass phrase "Do you know the way to San Jose?" to develop the password D!Y!KtwTSJ? comes from the Duke University guidelines.
- Never share your password (this includes system admins, account managers, and friends). Never provide access to systems for other people using your log in ID.
- Never write your password down.
- Change your password if you have shared it with anyone else or if you wrote it anywhere. It is also a good idea to change the password if you logged into the Fredonia system from a remote location. But do this if you had not used an encrypted login program.
- Password aging is the act of changing a password on a regular basis. It is required for users logging into the Campus Information System (CIS) forms or Dec Alpha hardware. This is due to the confidential nature of data stored in this system. (Approved by the Banner Steering Committee following review of state audit guidelines.) Password aging is recommended but not forced for all other access to Fredonia resources.