FalconNet Password Policy

Summary

Policy covering the creation and alteration of FalconNet account passwords.

Body

Purpose

The Office of Information Technology is responsible for ensuring the security of the network and the data stored therein. As such, a standard for the creation and alteration of passwords exists to protect the safety and security of individuals’ accounts and college data.
 

This policy will help ensure that all user accounts are secured and data is protected within Cedar Crest College’s FalconNet network of systems and authentication. This policy governs all accounts, data, and systems that require a FalconNet username and password to access. 

This policy is in compliance with the NIST 2024 authentication and security guidelines.

Policy Statement

1. All passwords must comply with the following requirements:

  • Minimum length should be at least 15 characters

  • Must contain both UPPER and lowercase characters.

  • Must include at least 1 number. "1"

  • Must include at least 1 special (!@#$) character.

  • Cannot include your username or given name.

  • Must not contain 5 consecutive characters from your old password

  • Cannot reuse any of the previous 5 passwords
     

2.    Passwords should be changed regularly. However, there is no policy to force a password change.

3.    Users on Windows-based computers will receive notification from their computer when they login at least 7 days before their passwords expire. The ability to change your password will be available at notification, or by hitting CTRL-ALT-DEL and selecting CHANGE PASSWORD. Other systems are incapable of this alert.

4.    All users should setup password reset and recovery within FalconLink.  Password recovery allows you to set up a secondary notification mechanism that will be used to recover your account if you forget your password. Users unable to register or reset their password via the automated system should contact the Help Desk for assistance.  Click here for more information.

 

5.    Every Cedar Crest College account is secured with MultiFactor Authentication that requires renewing tokens on individual devices every 45 days.
 

5.    Good Password Practices:

  • Use a passphrase, not a password, such as: F!yE@glesfLy!

  • Do not write down your password.  Use a Digital Locker instead.  IT can provide anyone with a license for Keeper Security Password Manager.  Click here to learn more.

  • Do not use the same password that you use anywhere else.

  • Do not share your password with others for any reason at any time (in e-mail, phone, or message).  This is a violation of the Acceptable Use Policy (see link below).

 

Remember: your FalconNet password gives others access to your e-mail and network related resources, as well as a number of cloud-based systems tied to the college. It should be safeguarded as sensitive information that allows access to private and protected information.
 

This policy exists in conjunction with the Acceptable Use Policy.

 

Details

Details

Article ID: 56091
Created
Mon 6/18/18 3:00 PM
Modified
Thu 2/13/25 10:25 AM

Related Articles

Related Articles (1)

Access to computer systems and networks owned or operated by Cedar Crest College imposes certain responsibilities and obligations and is granted subject to College policies, and local, state, and federal laws. Acceptable use must be ethical, reflect academic honesty, and show restraint in the consumption of shared resources.

Attachments

;