To protect you and the University, starting this fall Brown will require that all network passwords contain a minimum of ten characters, include a symbol, and be changed annually.
ISG recommends that you get a jump on the new requirements and change your password now. We’ve prepared the following FAQ that will hopefully answer your questions about this initiative. If not, let us know at ISG@brown.edu.
Q. Why do I need to change my Brown network password?
A. There are several reasons:
- A new directory system will be introduced this fall with stricter password requirements than our current one.
- An increasing volume of confidential, restricted and personally identifiable information (PII) is available to staff and faculty (Banner, Workday, FIS, etc.).
- The growing use of systems, tools and data “in the cloud”, such as research grants and contracts requiring a certain LOA (Level of Assurance).
- Upgrading our LOA with InCommon (authentication using Shibboleth) from Bronze to Silver status, a security level appropriate for financial transactions. Learn more about the InCommon Assurance Program and LOA’s.
Q. What are the new password requirements?
A. The requirements are:
- A minimum of ten characters in length
- Meet the following complexity requirements: contain both upper and lower case characters, at least one number and one special character
- Exclude words in any dictionary, language, slang, dialect, jargon, etc.
- Not be the user’s account name
- No repeated or consecutive characters (e.g., ddd or 678)
Q. How often will I have to do this?
A. Everyone will need to change their password annually.
Q. What happens if my password is not changed within the allowed window of time?
A. It is imperative that you change your password before its expiration date. Otherwise, you may lose access to Brown electronic resources.
Q. Are there any tips on how to create a hard-to-guess but easy to remember password?
A. Yes! See a list of tips at brown.edu/go/passwords.
If you’re ready to change it now, go to brown.edu/myaccount.