This policy establishes a standard for creation of strong passwords, the protection of those passwords and the frequency of change.
The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords and the frequency of change. Passwords are the most frequently utilized form of authentication for accessing a computing resource. Due to the use of weak passwords, the proliferation of automated password-cracking programs, and the activity of malicious hackers and spammers, they are very often also the weakest link in securing data.
A poorly chosen password may result in unauthorized access and/or exploitation of Champlain College resources, possibly including the confidential data of students, alumni, applicants, faculty and staff. All users, including contractors and vendors, with access to Champlain College systems are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords.
This policy applies to all users of computing resources owned or managed by Champlain College. Computing resources include all licensed or managed hardware and software (including telephone equipment) owned by the College, and use of the College network via a physical or wireless connection, regardless of the ownership of the computer or device connected to the network.
Specific users bound by this policy include:
All passwords for Champlain College systems and applications (e.g., email, web, desktop computer, etc.) should be strong passwords and follow the standards listed below. In general, a password’s strength will increase with length, complexity and frequency of changes.
Use of multi-factor authentication is strongly encouraged when available (such as with Google Mail) and may be required when accessing high-risk systems, such as those containing restricted or confidential information.
All passwords must meet the following minimum standards, except where technically infeasible. Longer passwords are inherently more secure because it takes hackers longer to guess them when employing a brute force method. So make your password longer and some of the complexity requirements can be reduced. This has the added bonus of making it easier to type your password on a mobile device.
Number of characters | Requirement |
8 – 11 | Requires mixed case letters, numbers and symbols |
12 – 15 | Requires mixed case letters and numbers |
16 – 19 | Requires mixed case letters |
20+ | Any characters you like! |
Here are a couple of suggestions for making long passwords:
To change your password, use your web browser to go to welcome.champlain.edu.
Any individual found to be in violation of this policy shall be subject to appropriate disciplinary action, up to and including termination of employment or expulsion from enrollment at the College. Individuals are also subject to federal, state and local laws governing many interactions that occur on the Internet. These policies and laws are subject to change as state and federal laws develop and change.