Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Password Policy

            Modified on Sat, 29 Jul, 2023 at 1:01 PM

            South Weymouth Church of the Nazarene Password Policy 

             

            Overview 

            Passwords are an important aspect of computer security. A poorly chosen password may result in unauthorized access and/or exploitation of South Weymouth Church of the Nazarene's resources. All users, including contractors and vendors with access to South Weymouth Church of the Nazarene’s systems, are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords. 


            Purpose 

            The purpose of this policy is to establish a standard for the creation of strong passwords, the protection of those passwords, and the frequency of change. The scope of this policy includes all personnel who have or are responsible for an account (or any form of access that supports or requires a password) on any system that resides at any South Weymouth Church of the Nazarene facility or has access to the South Weymouth Church of the Nazarene network. 


            Policy 

            • All system-level passwords (e.g., root, enable, Windows Administrator, application administration accounts, etc.) must be changed on at least 60 days or in the case of an employee that leaves. 
            • All user-level passwords (e.g., email, web, desktop computer, etc.) must be changed at least every 182 days or 6 months. 
            • User accounts that have system-level privileges granted through group memberships or programs must have a unique 14 character password from all other accounts held by that user. 
            • All user-level and system-level passwords must conform to the guidelines described below. 


            Guidelines 

            1. General Password Construction Guidelines 

            All users at South Weymouth Church of the Nazarene should be aware of how to select strong passwords. 


            Strong passwords have the following characteristics: 

            • Contain at least three of the five following character classes: 
              • Lower case characters o Upper case characters 
              • Numbers 
              • Punctuation 
              • “Special” characters (e.g. @#$%^&*()_+|~-=\`{}[]:";'<>/ etc) 
            • Contain at least eight alphanumeric characters. 


            Weak passwords have the following characteristics: 

            • The password contains less than fourteen characters 
            • The password is a word found in a dictionary (English or foreign) 
            • The password is a common usage word such as: 
              • Names of family, pets, friends, co-workers, fantasy characters, etc. 
              • Computer terms and names, commands, sites, companies, hardware, software. 
              • The words "SWN", "sanjose", "sanfran" or any derivation. 
              • Birthdays and other personal information such as addresses and phone numbers. 
              • Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc. 
              • Any of the above spelled backwards. 
              • Any of the above preceded or followed by a digit (e.g., secret1, 1secret) 


            Try to create passwords that can be easily remembered. One way to do this is create a password based on a song title, affirmation, or other phrase. For example, the phrase might be: "This May Be One Way To Remember" and the password could be: "TmB1w2R!" or "Tmb1W>r~" or some other variation. (NOTE: Do not use either of these examples as passwords!


            B. Password Protection Standards 

            • Always use different passwords for South Weymouth Church of the Nazarene accounts from other Non-South Weymouth Church of the Nazarene access (e.g., personal ISP account, option trading, benefits, And Bank accounts etc.). 
            • Do not share South Weymouth Church of the Nazarene passwords with anyone, including administrative assistants or secretaries. All passwords are to be treated as sensitive, confidential South Weymouth Church of the Nazarene information. 
            • Passwords should never be written down or stored on-line without encryption. 
            • Do not reveal a password in email, chat, or other electronic communication. 
            • Do not speak about a password in front of others. 
            • Do not hint at the format of a password (e.g., "my family name") 
            • Do not reveal a password on questionnaires or security forms 
            • If someone demands a password, refer them to this document and direct them to a Technology Staff member.
            • Always decline the use of the "Remember Password" feature of applications (e.g., Facebook, Outlook, AOL IM, I/E, Firefox, Chrome). 
            • If an account is compromised (spam, hacked) Technology Staff will take action starting with changing the password. The user will be informed and required to come to see a Technology Staff member to reset the password and consult on what can be done to avoid it from happening again. 


            If an account or password compromise is suspected, report the incident to a Technology Staff member immediately. 



            1.0 Revision History 

            • Technology  – October 2023

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0