Password Change Policy
Password for administrative, highly privileged accounts must be changed annually.
All user-level passwords (mail, web, desktop) must be changed annually
Access to University systems will be closed when a password is not changed as scheduled
Passwords must not be inserted into email messages.
Benefits of Password Change
1. Multiple Accounts Breach Limitation
Reusing same AUC password in several accounts like e-bank account, social media, facebook etc, increases risk if the password is hacked.
It is always advisable to change your password to something unique for each of your accounts.
2. Constant Access Prevention
A hacker may try to access your account more than once over a period of time.
Changing your password reduces the risk that they will have frequent access.
3. Saved Used Password Prevention
If you lose or change computers, it is possible someone may gain access to your saved passwords.
Consistently changing your password means that even if someone finds an old, saved password, it will no longer be useful.
4. Credentials Stealing Prevention
To avoid falling as a victim of credentials stealing, it is always advisable to regularly changing your password on a regular basis.
Password Change Guidelines
1. Password Complexity
Use 10 characters that contain both upper and lower characters, one number and one special character
2. Don’t Use Weak Password
Passwords that contain personal information such as birth dates, addresses, phone numbers or names of family members, pets, friends and fantasy characters
Passwords that contain work-related information such as building names, system commands, software, or hardware
Passwords that contain patterns such as aaabbb, qwerty, 123321
Passwords that contain some version of “Welcome123”, “Password 123”, “AUC 123”