September 15, 2015

CedarNet Password Expiration for Students

Information Technology is continuing to work on protecting network accounts from malicious attacks. The two-factor authentication system (Duo Security) and password-hint questions are two of our primary efforts in that regard.

We are now ready to implement the third phase of security improvement: expiring passwords that have not changed in a long time. Faculty and staff have been operating with password expiration for over a year and this has helped prevent compromises of network accounts.

The expiration of student passwords will be phased in between now and the end of November 2015.

Information Technology will be sending notes to affected students in groups, starting with students whose passwords have not been changed for several years. Students receiving these notes will be given 3 weeks to change their password in CedarInfo. Once changed, the new password will be good for 360 days (just under a year).

We appreciate everyone’s efforts to improve security. We have had a reduction in the number of compromised accounts and expect that number to drop even further as we implement password expiration.

Posted in: