As an employee, you likely have two or more passwords to access campus resources. This page contains information to help you guard your passwords, manage them, and offers tips on choosing strong ones.
Guarding your Passwords
By College policy, Massachusetts law, and industry regulation, users are required to have their own unique usernames and passwords. These credentials are tied to you as an individual, and must not be shared with anyone. Your network password grants you access to dozens of resources on campus, and sharing access to these resources is dangerous to you, as well as the College, and is as a result prohibited.
College administrators, including Helpdesk staff and other ITS employees will never ask you for your password, and if they do -- do not give it to them. It is extremely common for criminals to solicit your password while claiming to be from ITS or another administrative department. Criminals often do this via email, social networks, or instant messaging software, but have also been known to call you on the phone and do the very same thing. Do not be tricked into this.
Managing your Passwords, Choosing Manageable Passwords
Remembering passwords can be a challenge. Writing them down is not recommended. Neither is using browser features that will remember your passwords on websites. There are some tools designed to act as password vaults, and while some are widely used, none are specifically recommended by ITS.
The quagmire is this: You need a password to access almost everything today. Every resource has different password complexity requirements, and password change time intervals. Using one password for everything is simply not possible, nor is it safe. It isn't safe because your social network password could get stolen, through no fault of your own. If you used the same password everywhere, then everything else you access (bank accounts, Gmail, tax returns, etc.) would also be at risk. So, you are stuck with trying to remember a dozen or more passwords in your personal and professional life. Writing them down isn't safe: what if you lose the paper, or someone steals it?
Use a Password Manager
We previously discouraged this, but, these days a strong password is essential, and password managers make generating long and strong passphrases easy and efficient. They are relatively inexpensive, and easy to use. These three are commonly used:
For most of these, you need to pick a "master password". Make it long, strong, and don't forget it. Use the application to generate passwords for your web applications and social networks. Start small -- get used to it first, then expand your usage.
Holy Cross Network Password Requirements
For Faculty, Staff and Students:
- Password must be at least 14 characters, maximum 30 characters, no spaces should be used
- They may not have been previously used.
For ITS Staff:
- Passwords must be at least 14 characters, maximum 30 characters, no spaces should be used
- They may not have been previously used.