Topics Map > UW-Madison > Cybersecurity > Identity and Access Management

UW-Madison - IT - Password Policy

Applies to anyone who connects devices or systems to a UW-Madision network by any means.

Describes the required practices for passwords used on devices and systems connected to the UW-Madision network.

The Password Standard is the implementation of this policy.


Devices and systems connected to the University of Wisconsin-Madison network must require passwords meeting the minimum standards set by the Office of the Chief Information Officer and, if possible, technically enforce them. Faculty, staff and students must adhere to the minimum passwords standards for all systems and applications that come into contact with University resources.

Systems That Cannot Comply with Minimum Standards

If the minimum standards cannot be met, the system must be protected by other means, such as, but not limited to, a dedicated firewall, limited network access or multi-factor authentication.


The University of Wisconsin-Madison ’s network and information systems provide the technical foundation for conduct of its academic, research and administrative missions. Providing this open access to information technology is imperative to ensuring academic freedom at the institution. An important part of providing this network access is ensuring that the network and associated information is secure.

The purpose of this policy is to provide guidance to faculty, staff, students and other authorized users regarding passwords in order to protect individual and University information and resources. Adherence to this policy will help ensure that the university network and information systems are secure and available to all.


Issued by the UW-Madison Vice Provost for Information Technology.


The University reserves the right to:

  • suspend access to preserve the confidentiality, integrity and availability of the network, systems or information;
  • periodically audit passwords for compliance; and
  • pursue disciplinary action because of non-compliance.


Please address questions or comments to


Keywords:policies guidelines policy recommendations requirements guideline recommendation requirement requirements, administrators alumni applicants faculty it-security-staff it-staff managers students supervisors administration information-technology security, cloud-services identity-management mobile-devices personally-owned-devices security cloud cybersecurity devices identity mobile personal personally, access, access-control configuration-and-maintenance access configuration maintenance cioDoc ID:58601
Owner:Sara T.Group:IT Policy
Created:2015-11-30 19:12 CSTUpdated:2019-11-11 16:40 CST
Sites:IT Policy
Feedback:  62   6