Technology Center
At Your Service
Complex Network Password Policy
Overview:
MCC uses Microsoft's complexity rules for passwords.
A complex password is the first line of defense against unauthorized access to your
computer and related network resources.
Complexity Rules:
The password complexity rules are as follows:
- A complex password must have a minimum length of 12 characters.
- A complex password cannot contain any part of the user's account name.
- A complex password must follow three of the following four rules:
Rule:
- Include an English uppercase character (A - Z):
- Include an English lowercase character (a -z):
- Include a number (0-9):
- Include a special character (!@#$%&*):
Example:
BlueShoes#2
FunInSuns@1
3GreenTrees@
Friedeggggs4%
BlueShoes#2
FunInSuns@1
3GreenTrees@
Friedeggggs4%
Do not use any of the examples above as a password.
- A complex password is significantly different from previous passwords. The system
will remember the last twenty-four passwords used, and will not allow these as choices
for a new password.
Note: Passwords will expire after 90 days.
There is a self-service password reset tool available to members of the MCC community.
About Best Practices (excerpted from Microsoft.com):
- Always use complex passwords (see above)
- If passwords must be written down on a piece of paper, store the paper in a secure place and destroy it when it is no longer needed.
- Never share passwords with anyone.
- Change passwords immediately if they may have been compromised.
- Be careful about where passwords are saved on computers. Some dialog boxes, such as those for remote access and other telephone connections, present an option to save or remember a password. Selecting this option poses a potential security threat.