Skip to main content
Link to news home page
News

Campus policy change will require new passwords

February 28, 2006

UW–Madison has updated its policy on computer passwords and, during the next 12 months, will require all users of the campus network to specify a new password for use with their NetID.

The new policy, which was approved by the campus Information Technology Committee at its Feb. 17 meeting, calls for a password standard that all campus computers users must meet when accessing UW online resources. It includes a minimum length of eight characters, a mix of upper- and lower-case letters, digits and special characters, and other requirements.

In late March, the new standards will be applied to all new or changed NetID passwords. During the next year, users of the campus network will be asked to update their NetID password to ensure that all passwords meet the minimum standard. They will also be encouraged to specify strong passwords for the other UW systems they access.

“The real purpose of this is to help individual users protect their own identity, information and the data of others,” says Jim Lowe, security manager at the Division of Information Technology (DoIT). “From a personal point of view, stronger passwords can reduce the risk of losing such information as financial data, grades and research results.”

The policy change is the result of Legislative Audit Bureau concerns about the security of campus computing and lack of password standards at UW–Madison. Drafts of the new policy were reviewed by students, faculty and administrators, including the dean of students office, the dean’s student advisory committee, the registrar, Tech Partners and other campus organizations.

Lowe says that DoIT’s security group can work with departmental IT support staff to evaluate security needs and select an appropriate password scheme for local use.

The new baseline password standard is at http://www.doit.wisc.edu/security/policies/password.asp. For tips on creating passwords, see http://www.doit.wisc.edu/security/passwords/. Click the links there for other information on managing passwords and to see a Flash video on strong passwords.