Topics Map > UW-Madison > CIO > Identity and Access Management
Topics Map > UW-Madison > Cybersecurity > Access Control
Topics Map > UW-Madison > Cybersecurity > Configuration and Maintenance

UW-Madison - CIO - Password Standard

Applies to UW-Madison faculty, staff and students who who use or access UW-Madison information resources, or connect devices or systems to a UW-Madision network by any means.

Specifies the minimum length, complexity and other required and recommended practices for passwords used on devices and systems connected to the UW-Madision network, and devices or systems used by faculty, staff and students who use or access UW-Madison information resources.

The Password Standard is the implementation of the Password Policy

 
  • Of interest to:
    • Alumni
    • Applicants
    • Faculty
    • IT Security Staff
    • IT Staff
    • Staff
    • Students
  • Subjects:
    • Cloud Services
    • Cybersecurity
    • Identity Management
    • Mobile Devices
    • Network and Telecomm
    • Personally-owned Dev.
  • Cybersecurity:
    • Access Control
    • Config and Maintenance
  • Data Handling Activities:   
    • Access
 

Background

The following standards have been developed in concert with the university community and established by the Office of Cybersecurity.

Requirements

  • Passwords chosen must:

    • be a minimum of eight (8) characters in length;

    • be memorized; if a password is written down it must be secure;

    • contain at least one (1) character from three (3) of the following categories:

      • Uppercase letter (A-Z)
      • Lowercase letter (a-z)
      • Digit (0-9)
      • Special character (~`!@#$%^&*()+=_-{}[]\|:;”’?/<>,.);
    • be private;

  • Passwords chosen must not:

    • contain a common proper name, login ID, email address, initials, first, middle or last name.

Recommendations

  • It is strongly recommended that:

    • passwords are changed twice per year (e.g., when clocks are adjusted in the spring and fall);

    • each password chosen is new and different.

Contact

Please address questions or comments to policy@cio.wisc.edu.

 



Keywords:requirements standard requirement requirements standards, administrators alumni applicants faculty it-security-staff it-staff managers students supervisors administration information-technology security, cloud-services identity-management mobile-devices personally-owned-devices security cloud cybersecurity devices identity mobile personal personally, access, access-control configuration-and-maintenance access configuration maintenance   Doc ID:58605
Owner:GARY D.Group:IT Policy
Created:2015-12-01 09:00 CSTUpdated:2016-12-06 20:59 CST
Sites:IT Policy
CleanURL:https://kb.wisc.edu/itpolicy/cio-password-standard
Feedback:  12   4