UCO Password Guidelines

Summary

Provides details about UCO's policy and recommendations for password security.

Body

 Improved Security for Passwords at UCO

To enhance security all UCO faculty, students and staff will be required to change their UCO password every 210 days. 

You may change your password at any time, or rely on the email notifications reminding you to change your password that are sent at increasingly shorter intervals. For your convenience, we have implemented an online Self-Service Password Reset Tool.  This will eliminate the need for Service Desk involvement when resetting passwords.  This allows the control of your password to be placed in your hands. Your default password will no longer be crafted by information that can easily be gathered from public Facebook information.

Reset Your Password

 UCO Password Guidelines

The University's minimum factors for selecting passwords must be followed by individuals when selecting and setting a password and must be enforced by IT systems whenever technically feasible.

What Are Strong Passwords?

  • 10 - 20 characters in length
  • Must contain alpha and numeric characters, a - z (case sensitive), 0 - 9
  • Must contain at least 1 alpha character, a - z, A-Z
  • Must contain at least 1 numeric character, 0 - 9
  • May contain special characters, such as @, #, $, %, *, &, (, ), etc.
  • Must not be made up of more than 3 repetitive or sequential characters
  • Must not contain your username/ID, first, middle, or last names.
  • Cannot be a dictionary word
  • Cannot be one of the last 10 passwords used for the account

Should you need to change your password, please use the Online Self-Service Password Change Utility or contact the UCO Service Desk for assistance.

 Why Is This Necessary?

The university has implemented these changes to help protect your personal information. However, under the Federal Educational Rights and Privacy Act, or FERPA as it is often called, the U.S. Department of Education is also strongly recommending institutions of higher education implement strengthened policies and regulations regarding passwords.

After extensive research on technology "best practices" and "standards" among our peer institutions, Central's Office of Information Technology determined that changing passwords every 210-days was the best solution for the campus community, at this time, to meet FERPA recommendations.  As technology advances and new information becomes available, we will review and adjust our policy, as needed, to best ensure the protection of your information.

 Password Security FAQ

 

 How can I make my password more secure?

  • Don't use passwords that are based on personal information that can be easily accessed or guessed.

  • Don't use words that can be found in any dictionary of any language.

  • Develop a technique for remembering complex passwords.

  • Use both lowercase and capital letters.

  • Use a combination of letters, numbers, and special characters (where allowed).

  • Use different passwords on different systems.

  • Don't share passwords with others.

  • Change passwords regularly.

  • Store passwords in a safe place.

  • Don't leave passwords where others can find them.

What if someone requests my password via email? 

Any e-mail that requests your password or requests that you to go to a website to verify your password is almost certainly a fraud. This includes requests from a trusted company or individual. E-mail can be intercepted in transit, and e-mail that requests information might not be from the sender it claims. Internet "phishing" scams use fraudulent e-mail messages to entice you into revealing your user names and passwords, steal your identity, and more.

What if I'm using a public computer? 

Computers such as those in Internet cafés, computer labs, and airports should be considered unsafe for any personal use other than anonymous Internet browsing. Do not check online e-mail, chat rooms, bank balances, or any other account that requires a user name and password. Hackers can purchase inexpensive keystroke logging devices which take only a few moments to install. With these devices hackers can harvest all the information typed on a computer from across the Internet.

What if my password is stolen?  

Be sure to monitor all the information you protect with your passwords, such as your bank account statements, credit reports, credit card accounts, etc. Strong passwords can help protect you against fraud and identity theft, but there are no 100% guarantees. No matter how strong your password is, if someone breaks into the system that stores it, they will have your password. If you notice suspicious activity on your accounts that could indicate that someone has accessed your information. Notify authorities immediately.

 

References

Additional information about password security at UCO.


We strive to keep our articles relevant and informative. Please take a moment to leave feedback on the helpfulness of this article.

Details

Details

Article ID: 41992
Created
Fri 11/3/17 1:09 PM
Modified
Tue 8/27/24 8:45 AM

Related Articles

Related Articles (2)

UCONNECT is the university portal for students, faculty and staff. Access to UCONNECT requires a UCO username and password.
Your UCO username is the gateway to most UCO services, such as UCONNECT, D2L, Email, etc. The format is typically your first initial then your last name and may be followed by a number.

Attachments

;