OIT announces new password policy

The Office of Information Technology’s Information Security and Assurance team is updating and improving the . These standards align with Board of Regents Policy 02.07 and are part of ongoing efforts to strengthen our institution’s cybersecurity. As part of these improvements, UA will implement a new password policy. 

What’s Changing?

Starting Feb. 5, ELMO will require a new minimum password length of 16 characters – twice the length of the current minimum of eight characters. These longer passwords, called “passphrases,” have the following benefits:  

• Easier for humans to remember: Passphrases don’t need to contain numbers, special characters or capital letters, so your password can be unique and random, but still memorable to you. Consider three to four words that mean something to you but aren’t related to each other. Now you have a passphrase!
• Greater security: Passphrases are significantly more resilient against brute force attacks, rainbow tables and dictionary attacks.
• Less frequent changes: Passphrases will remain valid for 730 days (two years), compared to the current 400 days.

If you change your password before the effective date, your current password will remain valid under the old password policy until it expires, so access to your University account won’t be impacted by this change.

For more information, visit site, or contact the Nanook Technology Service Desk.