At the present time no restrictions are in place concerning the
complexity, expiry, or history of passwords. Your Shepherd network password must be at least
six characters long. While no other restrictions are in place, IT Services recommends that
people follow these standards when selecting passwords:
• Passwords should be at least eight characters long; the longer a password is, the more secure
it is.
• Passwords should include both lower-case and upper-case letters, as well as at least one numeric
character and one non-alphanumeric character (e.g., a punctuation mark).
• Passwords should not include words found in any dictionary, including foreign dictionaries or
specialized dictionaries (e.g., medical or scientific).
• Passwords should be changed at least every six months, and ideally every three months.
• Passwords should be reused no more often than once every five password changes. In other words, do
not reuse a password if it is one of the previous four passwords. Ideally, passwords should not be
reused at all, so that the compromise of a previous password will not result in any harm.
• Do not write down your passwords if possible; if you must, do not store them in an easily guessed
location.
Rationale
Information security is only as strong as its weakest link. In most cases
that is the password chosen to protect the data. More sensitive information should be protected with
stronger security methods.
While these guidelines may make choosing a password difficult, there are several techniques to use
that can generate secure yet memorable passwords. A common technique is to take a sentence, use the
first or key letters of each word, and substitute appropriate characters if necessary. For example:
Password strength for fun, if you know how!
can turn into
Pws4f,iUkh!
(Please do not use this or other available password examples as your password.)
Should we begin requiring stronger passwords, or anticipate other changes to our password
policies, we will give the campus community sufficient notice before implementing
any changes. Changes to authentication requirements are typically motivated by annual audits of
our financial information systems to determine that there are adequate controls in place, including
the security of passwords used to access the systems. Other changes may come as a result of
requirements to comply with particular industry standards for data protection, such as for credit
cards or health information.