Versions Compared

Version Old Version 16 New Version 17
Changes made by

Cindy Hoalcraft

Cindy Hoalcraft

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Effective in Fall 2014, each NetID owner will be assigned a password expiration date based on their last password change, provided a password change occurred within the last 12 months.  Passwords that have not been changed in the last 12 months will be randomly assigned an expiration date between December 3 and May 31.  An email will be sent to the NetID owner 30 days prior to their assigned password expiration date with instructions on how to change the password.  Reminders will be sent until the password is changed, at which point a new expiration date will be set to one year from the date of the change.  The next notification will be sent 30 days prior to the new expiration date.  And so on.If a password expires, the account will be disabled resulting in loss of access to all services and resources that were supported by the NetID and password.  This includes wireless, VPN, desktops, public labs, MySlice, Blackboard, and email.

Here’s how this will work

  • You can change your SU NetID password at any time before it expires. Your password expiration date is set one year out from the date you change your password.
  • 30 days before your password expires, ITS will send to your official SU email address a warning notification that your SU NetID password will expire on a specific date. The first daily notifications will be sent on November 3, 2014. It may be several months before you receive a notification, depending on when you last changed your password.
  • If you don’t change your password, you will receive additional warning notifications in advance of your password expiration date. Warning notifications will stop once you change your password.
  • Accounts with unchanged passwords will be disabled on their expiration date. Password expiration and account disabling will occur every day, including weekends and holidays.
  • If your account is disabled you will not be able to log into your SU desktop, MySlice, Blackboard, SU email (including SUMail), AirOrangeX, or any other University systems. Your mobile devices will no longer be able to connect to the University’s networks or resources.
  • If your account is disabled, you will need to visit or call the ITS Service Center during regular business hours to have it re-enabled.
  •  If you change your password more often than once a year, you will not receive any warning notifications.

FAQ

Why do I have to change my password every year?

“Routinely changing your password significantly reduces the window of vulnerability if your password is compromised without your knowledge,” says Christopher Croad, the University’s information security officer. “Not only is changing your password quick and easy, it’s one of the most effective ways for you to protect the University’s--and your own--confidential information.” 

It's good security practice to protect your and the University's information.  First, passwords  Passwords are proliferated across systems and become vulnerable the longer they are in use.  Passwords can be stolen without your awareness and can be used to access your data (email, pay information, grades, etc.) or to pose as you in criminal activity.  Second, when  When you are no longer affiliated with SU, the eventual expiration of your password is a sure sign that you are no longer using the account.  This allows us to disable the account so it can't be hijacked.

...