Password Policy
Overview
An effective password policy is crucial for maintaining the security and integrity of user accounts. There are different options available that can be used to enhanced the security of the system:
Minimum Password Length
Password Expiration
Password Complexity
While a strict password policy greatly reduces the risk of unauthorized access, enabling Multi-Factor Authentication provides an extra layer of security that is highly recommended for even greater protection. Learn more Multi-Factor Authentication.
Consideration for Managing the Password Policy
The same password policy apply to all administrative and academic (teachers) users in eBECAS/EDMISS Next Generation, Classic and Teachers portal.
When making any updates to the password policy, the changes will only apply for users on their next password update.
Manage the Password Policy
Your password policy has the following options:
Minimum Password Length
The Minimum Password Length setting ensures that all user passwords meet a required length. By setting a minimum number of characters, this policy helps prevent the use of easily guessable or weak passwords, making it harder for unauthorized users to gain access to accounts. This simple yet effective measure is a foundational aspect of a strong password policy.
Password Expiration
The Password Expiration setting enforces regular changes to user passwords after a specified period. By requiring users to update their passwords periodically, this policy helps mitigate the risk of long-term password exposure and unauthorized access. Regular password updates ensure that even if a password is compromised, it will only be valid for a limited time, thereby enhancing overall account security.
Additionally, when a user’s password expiration is one week away, an automated reminder email will be sent to encourage timely updates.
Password Complexity
The Password Complexity setting mandates the use of varied character types in user passwords, such as uppercase letters, lowercase letters, numbers, and special symbols. This policy ensures that passwords are strong and difficult to guess, significantly enhancing the security of user accounts.
The options available are:
No restriction: Passwords have no requirements and is the least secure option.
Must include alpha, numeric, and special characters: Passwords require at least one alphabetic character, one number, and one special character.
Must include numbers and uppercase and lowercase letters: Passwords require at least one number, one uppercase letter, and one lowercase letter.
Must include numbers, uppercase and lowercase letters, and special characters: Passwords require at least one number, one uppercase letter, one lowercase letter, and one special character.
The special characters allowed are:
! " # $ % & \ ' ( ) * + , - . \ / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
Update the Password Policy
To view and update the Password Policy settings:
From the Utilities menu, go to Settings > Security.
Customise the policy with the options on the Password Policy section.
Click on Update to save the changes.