|Home » Categories » IT Help Desk » I.T. Policies|
Article Number: 1070 | Rating: Unrated | Last Updated: Mon, Jun 2, 2014 at 4:40 PM
Department of Information Technology
Passwords are an important aspect of computer security. They are the front line of protection for user accounts. A poorly chosen password may result in the compromise of York College’s entire network. As such, all York College employees (including contractors and vendors with access to York College systems) and students are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords. All use of York College accounts is assumed to be performed by the person assigned to that account. Account owners are held responsible and liable for all activities with their accounts.
The purpose of this policy is to establish a standard for creation of strong passwords, the protection of those passwords, frequency of change, and resetting of passwords on York College systems.
The scope of this policy includes all personnel who have or are responsible for an account (or any form of access that supports or requires a password) on any system that resides at any York College facility, has access to the York College network, or stores any non-public York College information.
System and session idle timeout feature will be set on all systems to time out after being idle for 15 minutes. If you have forgotten your password, you should utilize the ChangeMe website, available on the front page of the myYCP Portal. You will be required to login via security questions that you chose and answered. If you have forgotten the answers to your security questions, you will need to present your York College ID to the Information Technology Help Desk, and they will further assist you in resetting your questions and password. If you are unable to physically visit the Information Technology Help Desk, we will mail your account information to the address that we have listed in our official records, using United States mail only. There are no exceptions to this policy.
General Password Construction Guidelines
York College uses Single Sign-On (SSO) technology to enable students and employees to use one username and password combination to access multiple systems and applications, such as MyYCP Portal, YCPWeb, Google Apps, and Blackboard. Although SSO makes accessing York College systems more convenient, it also places greater importance on selecting a strong password that is difficult to guess. Students and employees are strictly prohibited from sharing their YCP password with anyone for any reason.
Strong passwords have the following characteristics:
NOTE: Do not use any of these examples as passwords!
Password Protection Standards
Do not use the same password for York College accounts as for other non-York College access (e.g., personal bank account, option trading, benefits, etc.). Do not share York College passwords with ANYONE, including family members, co-workers, administrative assistants or supervisors. Passwords must never be sent in an email or instant message. Do not use the "Remember Password" feature of applications (e.g., Firefox, Chrome, Instant Messenger). Passwords must never be written down or stored in a file on any computing device (including laptops, smart phones, tablets or similar devices) without using encryption. All passwords are to be treated as sensitive, confidential York College information.
The York College IT Department will NEVER ask you to reveal your password at any time. If you are asked to reveal your password via telephone, email, or in person by anyone claiming to be a York College official or IT Department staff member, do not respond. Report the incident immediately to the IT Help Desk at (717) 815-1559.
If an account or password is suspected to have been compromised, report the incident to the IT Help Desk and change all passwords.
Users who violate this policy may be denied access to College computing resources and may be subject to other penalties and disciplinary action, including possible expulsion or dismissal. Alleged violations will be handled through the college disciplinary procedures applicable to the user. The College may suspend, block or restrict access to an account, independent of such procedures, when it reasonably appears necessary to do so in order to protect the integrity, security, or functionality of the College or other computing resources or to protect the College from liability. The College may also refer suspected violations of applicable law to appropriate law enforcement agencies.
York College Information Technology Acceptable Use Policy
There are no attachments for this article.
There are no comments for this article. Be the first to post a comment.
Personal Computer Connectivity Policy
Viewed 841 times since Thu, May 29, 2014
Personal Web Page Policy
Viewed 894 times since Thu, May 29, 2014
YCP Payment Card Policies and Procedures
Viewed 251 times since Thu, Jul 16, 2015
Personal Computer Connectivity Liability Waiver
Viewed 4025 times since Thu, May 29, 2014
Digital Millennium Copyright Act (DMCA) Compliance Policy
Viewed 3786 times since Thu, May 29, 2014
Acceptable Use Policy
Viewed 1142 times since Thu, May 29, 2014
Higher Education Opportunity Act (HEOA) Compliance Policy
Viewed 820 times since Thu, May 29, 2014