Select Page
Print Friendly, PDF & Email

F6
Password Policy Guidelines
Approved: 01/20/2011
Revised: 06/28/17

 

Purpose
This document outlines the password policy and guidelines for use within Ypsilanti District Library. This policy applies to authorized staff accessing Ypsilanti District Library user accounts at all YDL locations.

1. Password Policy

  • Passwords for newly-activated Library accounts must be changed upon first use.
  • Passwords will expire automatically every 6 months. Upon expiration, users will be prompted to create a new password to access their account.
  • When a password is changed, the new password must be different from the last two passwords.
  • If an incorrect password is entered three consecutive times, the account will be disabled. Users will need to contact the IT Department re-enable the account.
  • All use of YDL accounts is assumed to be solely by the person assigned to that account. Users are held responsible for all activities and content associated with their accounts.

2. Password Guidelines

  • A user’s password must be eight to twelve characters in length and must be alphanumeric.
  • A password may not be the same as the user ID.
  • It must not include the first, middle, or last name of the user.
  • Password must not be shared with anyone.
  • Password must not be written down.

3. Recommended Best Practices

  • Use two numbers within the first eight characters.
  • Include special characters if permitted.
  • Don’t use a name, a string of numbers, or your User ID.
  • Don’t use easy-to-guess passwords such as a blank or “password.”
  • A general principle is that a long, complex password is stronger. Ideally your password will be close to 12 characters in length and follow these best practices. Some very good advice is to think of a small sentence, then remove spaces and strategically replace a few characters with numbers/special characters.

 

 

Example sentence: jackfelldown
Converted to password: J@ckf3lldown

This example is easy to remember, has 1 capital letter and 2 special characters, an @ sign for a and a 3 substituted for an E. It is 12 characters in length, making it more difficult to guess or crack.

Another example: OneHappyDog
Converted to password: 0n3h@ppyDog

This password is 11 characters in length, extremely strong, and easy to remember.

4. Support

  • If users need assistance they should contact the IT Department.