Passwords are the primary form of user authentication used to grant access to Saint Mary's University of Minnesota’s information systems. To ensure that passwords provide as much security as possible, yet are reasonable to utilize, we have created the below password guidelines.
- Passwords must be 15 characters in length. Special characters, numbers and upper/lower case characters are not required.
- Passwords will expire every 365 days.
- Passwords may not be reused.
- Passwords are to be used and stored in a secure manner. As such, passwords are not to be written down or stored electronically. Passwords are to be obscured during entry into information system login screens and are to be transmitted in an encrypted format.
- Passwords are to be individually owned and kept confidential and are not to be shared under any circumstances.
According to the National Institute of Standards and Technology, (NIST) "Length and complexity requirements beyond those recommended here significantly increase the difficulty of memorized secrets and increase user frustration. As a result, users often work around these restrictions in a way that is counterproductive....Therefore, no additional complexity requirements are imposed."
Many sites, such as HowSecureIsMyPassword are available to validate how secure your password is and to show how a longer password is more secure. Feel free to test it out.
For questions regarding your password please contact the IT HelpDesk at 507-457-7800.