• Offices & Services
  • Information Technologies
    • Home Page
    • Who Can I Contact?
    • Media Services
    • Mission Statement
    • IT Maintenance Window
    • Resources
      • Computer Requirements
      • Is My Computer Ready for the Network
      • I'm Ready To Connect! What Do I Need?
      • Changing Your Password
      • Accessing Your H:Drive
      • Networked Printing
      • Using Student E-mail
      • Spam Prevention
      • Spyware Information
      • Internet Hoax Info
      • Computer Lab Hours
      • Wireless Internet Access
      • Using Network Resources
      • Helpful Student Info
      • Connectivity Guide
      • Technology Tips
      • Computer Purchase Discounts
    • Policies
      • Employee Network Account Management
      • Computer Usage Policy
      • Network Password Policy
      • Computer Carry-In Policy
      • Printing Policy
      • Media Equipment Checkout
      • Facility Reservations - Media Services
    • Procedures
      • Copier Service

1.0 Overview
Passwords are an important aspect of computer security. They are the front line of protection for user accounts. A poorly chosen password may result in the compromise of Malone College's entire campus network. Therefore, all Malone College employees (including contractors and vendors with access to Malone College systems) are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.

•  All user-level passwords (e.g., email, web, desktop computer, etc.) must be changed at least every sixty days.
  User accounts that have system-level privileges granted through group memberships must have a unique password from all other accounts held by that user.
• Passwords must not be inserted into email messages or other forms of electronic communication.
• All user-level and system-level passwords must conform to the guidelines described below.

• The password contains less than eight characters.
• The password is a word found in a dictionary (English or foreign).
• The password is a common usage word, such as: 
  •  Names of family, pets, friends, co-workers, fantasy characters, etc.
  • Computer terms and names, commands, sites, companies, hardware, software.
  • The words “Malone College," "Canton," "Ohio," or any derivation.
  • Birthdays and other personal information, such as addresses and phone numbers.
  • Word or number patterns (e.g., aaabbb, qwerty, zyxwvuts, 123321, etc.)
  • Keyboard patterns (e.g., asdfgh, qwert, yuiop, etc.)
  • Any of the above spelled backwards.
  • Any of the above preceded or followed by a digit (e.g., secret1, 1secret, secret77.)

• Contain both upper and lower case characters (e.g., a-z, A-Z).
• Have digits and punctuation characters as well as letters (e.g., 0-9, ! @ # $ % ^ & * ( ) { } | [ ] < > ? /
• Are at least eight alphanumeric characters long.
• Are not a word in any language, slang, dialect, jargon, etc.
• Are not based on personal information, names of family, etc.

Passwords should never be written down or stored online. Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be: "This May Be One Way To Remember" and the password could be: TmB1w2R! or Tmb1W>r~ or some other variation.

NOTE: Do not use any of these examples as passwords!

Do not share Malone College passwords with anyone, including administrators, administrative assistants, or secretaries. All passwords are to be treated as sensitive, confidential Malone College information.

• Don't reveal a password over the phone to ANYONE!!
•  Don't reveal a password in an email message.
• Don't reveal a password to your supervisor.
• Don't talk about a password in front of others.
• Don't hint at the format of a password (e.g., "my family name").
• Don't reveal a password on questionnaires or security forms.
• Don't share a password with family members.
• Don't reveal a password to co-workers while on vacation or away from the office.
• Don’t log into a workstation with your username and password and then let another person use the workstation. If they require access to Malone College Network resources, require that they login with their own username and password.
• Don’t watch the monitor or keyboard of a workstation when another user types in his/her username or password. Make a conscious effort to show that you respect the user’s login information by turning away as they type in the login information.

If someone demands a password, refer them to this document or have them call someone in the Information Technologies Department at x8428 or 330-471-8428.

Do not use the "Remember Password" feature of applications  (e.g., Outlook, Eudora, Netscape Messenger).

Again, do not write passwords down and store them anywhere in your office. Do not store passwords in a file on ANY computer system (including Palm Pilots or similar devices) without encryption.

Change passwords at least once every sixty days.

If a user suspects that an account or password has been compromised, report the incident to Information Technologies, and change all passwords.

Password cracking or guessing may be performed on a periodic or random basis by the Information Technologies Department to enforce this policy. If a password is guessed or cracked during one of these scans, the user will be required to change it.

• Existing passwords on Malone Domain accounts must be changed on March 21, 2002.
• Passwords cannot be re-used. New passwords will be required.
• Passwords shall be a minimum of eight characters in length.
• Passwords must be changed every sixty days.