Although passwords must be longer due to a new ITS policy, they don’t need to be changed as often.
The rule now states that passwords must be 14 characters long, rather than the previous rule of eight. Additionally, instead of passwords expiring after 60 days, they will now only expire annually.
Daniel Chace, director of network and system infrastructure said protection was the reason for the change.
“The primary reason for the change of the policy is to increase the security of the accounts,” Chace said.
According to Chace, more complicated passwords lengthen the password change frequency so people have to change their passwords less often.
Jeff Price, ITS Help desk manager, said he prefers the new password policy over the last one because of the one-year change adjustments.
“Personally, I prefer the new one just because I have to change my password ⅙ not as often, so for me that’s going to be a lot more convenient way to get into all of my accounts,” Price said.
The discussion to bring a new password policy had been going around since the start of 2021. However, the new password policy came into effect Monday, March 21.
“Starting that day, everybody, when they change their passwords, need to follow the new rule and will have the new expiration date,” Chace said.
Price said he was so excited for the new policy that he changed his password as soon as possible.
“I actually changed mine on Monday even though it wasn’t expired just to get on the one year trend,” Price said.
Several ITS employees said their frequent use of the SIUE website prevents them from forgetting their passwords. But it is not out of the ordinary to forget one’s password and nearly everybody has experienced it at some point.
Another new feature was introduced by the team at ITS, in collaboration with the University Police Department. This new feature allows users to change their passwords using the “forgot password” feature via texts.
“If I could pick one thing for the students to know, working at the help desk, it would be about the e-lert system and if you have signed up for e-lert, you can change your forgotten password with a text message, that is an option a lot of folk don’t know about,” Price said.
According to Price, users need to sign up for the e-lert system to be able to change their passwords via text.
Jeff Laughlin-Smith, chief information officer, said that the newer technologies like face ID recognition and fingerprints couldn’t be used for now because they incur a lot of expenses and a high susceptibility to different errors.
According to Laughlin-Smith, bio-based authentication has a lot of error tolerances, they would have to be tested and maintained,
“It is not an exact science considering the amount of folks that we have here and what we are trying to accomplish, it just makes more sense to deal with the password tolerances and other things like multifactor that use a token,” Laughlin-Smith said.
For more information, visit the ITS website.