Published Tuesday, July 10th, 2018
NATS has been focusing for some time on security initiatives and we have some exciting announcements!
As you all know, NATS has been focusing for some time on security initiatives and we have some exciting announcements (yes seriously – exciting security announcements – just read until the end for a very pleasant surprise!):
- As a reminder, administrative rights to campus computers were removed in early July. For faculty/staff you can “check out” admin rights on a temporary basis with the “Make Me Admin” app. You can find a FAQ page and helpsheets for Make Me Admin here.
- We are integrating the security model for Office365 and other single-sign-on (SSO) enabled systems (Sakai, Rave, ServiceNow, etc.). This will result in a few changes:
- You will have fewer reminders to login– once you’ve logged in to any of the SSO services, you’ll remain logged in to all of them for 4 hours (unless you specifically sign out or close all your browser windows)
- The Office365 login page will now look exactly like the SSO sign-on page for other services (formerly they were similar but not exactly the same)
- Outlook users will be prompted by the Outlook client to login in a couple of circumstances:
- Every 90 days
- If you’ve been inactive for 7 days
- We are unifying the way users change their password from all platforms. All password changes will now route through: https://selfservice.wsc.edu
- You’ll now be able to access this before you login from campus computers by clicking the “Password Reset” link on the login page
- The “Control-Alt-Delete” method of changing your password from within Windows will be disabled
- If you want to change your password after you’ve logged in, there is now a “Password Self Service” application in the Utilities section of the application menu of Windows computers
- OK – the finale – are you ready???? *big drumroll* We are changing our password policy to align with the most current NIST Federal recommendations:
- NO MORE PASSWORD EXPIRATIONS FOR FACULTY/STAFF
- NO MORE COMPLEX PASSWORD REQUIREMENTS (i.e. upper case, lower case, numbers, special characters)
- The new password requirements are:
- Passwords are case sensitive.
- Passwords must be at least 8 characters long and no longer than 64 characters.
- Passwords must not be a single dictionary word, for example ‘wildcats’ is not a valid password but ‘I am a wildcat’ would be.
- Passwords must not contain part of your name or username.
- Passwords must not repeat any character sequentially more than 3 times, for example ‘aaabbbccc’ is not permitted as a password.
- Passwords must not contain the key words: “password” and “test”.
- Passwords must not be one of the user’s 5 most recent passwords.
- These changes will be rolled into production Sunday morning, July 15th. Login to various systems will be unreliable from 8AM to noon. The helpdesk will be open for special hours due to this change from noon to 4PM.
- If you have questions or concerns, please give the helpdesk a call at 402-375-7107.