Last fall, the McDaniel College IT Department implemented a new requirement concerning password complexity and expiration dates, with all students, faculty, and staff being required to change their passwords in a global password reset at the beginning of this semester.
“Many rules and regulations governing the use of sensitive and personal data requires that passwords expire,” said Andrew Lawlor, CIO of McDaniel’s IT Department.
Changing passwords regularly also prevents criminal logins through McDaniel accounts. The password change keeps information secure by expiring at a certain time: 90 days for faculty and staff and 180 days for students.
Faculty and staff passwords require more changes due to the sensitive nature of some information they could have, while students are less likely to have access to sensitive information. Students are still encouraged to change their passwords as frequently as they would like.
Passwords are now also required to have a minimum of 10 characters and at least three of the four categories of number, symbol, upper-case, and lower-case letters. By making passwords more complex, it makes them much harder for others to guess.
“One tip is to create a password as a pass phrase so it is easier to remember and will use up to 10, or more, characters by nature of it being a phrase rather than a word,” said Lawlor.
Due to the new expiration dates on passwords, it is unlikely that there will be need for another global password reset. Students can easily access the ‘Manage Password’ page through the My McDaniel login page to change their passwords at any time.
Further information can be found on the website it.mcdaniel.edu.