2018 Student Newsletters > August > New Password Policy Begins Soon

New Password Policy Begins Soon

This article appeared in the Aug. 14, 2018, issue of the student newsletter.

We’ve all gotten — and sometimes ignored — the alert saying it’s time to change your password again. For DCCCD students, that will soon be a thing of the past. 

A new policy for non-expiring passwords will go into effect Aug. 17 

The current policy requires password changes every 90 days. However, district research has shown that changing passwords isn’t as important as a password’s complexity. 

We’ve always had a policy of changing our passwords periodically. IT and specifically the Information Privacy and Security Office Council discussed passwords and the inconvenience of changing them every 90 days,” says David Williams, chief information privacy and security officer and director of risk management. “We discussed the risks of going to non-expiring passwords. Based on those risks, we decided to go to non-expiring passwords, but to also lengthen passwords and increase the complexity.” 

Within the last year, the National Institute of Standards and Technology (NIST) published a similar stance about the complexity of passwords being more important than the periodic changing of passwords. 

Here’s How You Will Benefit 

Under the current policy, there has been confusion because of the many applications you log in to on a regular basis. 

“We have these disconnected and disjointed passwords that expire at different times. Your Student Email password, your eConnect password, your eCampus password; all of them expire at different times, says Project Coordinator Misherlae Pace. 

To remedy the confusion, the district is implementing additional single sign-on services and non-expiring passwords for you, Misherlae says. 

Once the policy is in place, eCampus (Blackboard) will join DCCCD Student Email (Outlook), myPortal and eConnect in using the same user name and password. 

“We’ve moved to single sign-on where you can set one password,” David says. “Once you set your password, it changes all the connected systems.”

How It Will Work 

To try and make the transition as seamless as possible, passwords will not reset all at once when the policy begins. 

“There’s no way to anticipate every issue that may come up,” says David. “So as users' passwords expire and they’re requested to come up with a new password, then the new rule will go into effect at that time.” 

Under the new policy, your password: 

  • Must be at least 12 characters long 
  • Must contain three of the following four components: 
    • an uppercase letter between A-Z 
    • a lowercase letter between a-z 
    • a number between 0-9 
    • at least one of the following special characters: ,    .     `     ~     !     #     $     %     *     (     )     |  

Note: Common phrases, spaces and other special characters are not supported. 

Other Considerations 

Password Resets  

Along with the policy changes, password.dcccd.edu and password reset will be decommissioned Aug. 31. Once the new policy goes into effect, users will be able to change and reset their passwords directly through Microsoft.  

Issues That Face Student Employees of DCCCD 

Students who work for DCCCD as full-time or part-time employees, student assistants or as part of the Federal Work-Study program historically have faced unique challenges because of their dual roles. Student employees may have two accounts with two different passwords. Their employee account password allows for access to network resources for that particular job at their campus location. Their student account password allows for access to coursework-related materials.   

In the past, managing passwords has been a manual and cumbersome process. The new password processes will allow student employees to independently self-manage the passwords for both accounts.  

For more information about the password update, go to dcccd.edu/password-update.