This document covers the current policies and procedures for managing the password that faculty, staff and students use to check email, log on to computers, and connect to the Alvernia University network. Changing your email/network password also affects how you access AU email, such as PDAs and smartphones. See below for details on synchronizing these applications with your email/network password.
What is the email/network password?
All Alvernia University faculty, staff and students have an Alvernia Network Username. This account performs several functions. First, it is used to authenticate your access to your AU email account no matter what software you use (Outlook, Outlook Web Access, Entourage, various other email clients, or PDAs.) It is also the username and password you use when you log into to Alvernia University computers at startup. This password does not apply to myAlvernia, Self-Service or Citrix.
Why has the University implemented this policy?
The main reason is that poorly protected email accounts expose both the users and the host institution to a variety of security risks. Weak and infrequently changed passwords can lead to identity theft, the loss of sensitive institutional data, violation of federal and state data protection requirements, virus infections, and the takeover of user accounts by spammers and criminal hackers without the user's knowledge.
What rules apply to this password?
All email/network passwords must match the following specifications:
- The password must be at least 8 characters in length.
- The password must contain at least one character from at least three of the following groups: upper-case letters, lower-case letters, numbers, special characters (! @ # $ % * ( ) ).
- The password cannot contain more than 2 consecutive characters of the user name. For example, for the username johndoe, the password cannot contain joh, ohn, hnd, ndo, or doe.
- The new password cannot be the same as either of the last 3 passwords used.
How often do I have to change my password?
- Faculty and Staff must change their password at least every 180 days
- Students must change their passwords every 360 days.
- You will receive reminders at 30, 15, and 5 days before your password is set to expire. If the password has not been changed by the required date the account will become inaccessible.