This policy outlines password management requirements for College user accounts.
Passwords are a common means of authenticating a user’s identity when accessing information systems. Password standards need to be implemented to ensure all authorized individuals accessing College resources follow proven password management practices. These password rules must be mandated by automated system controls whenever possible.
Applicability of the Policy
This policy applies to all SUNY Oneonta faculty, staff, students, and all other users of the college’s information systems.
To ensure proper password management, the following password standards will be implemented where technically feasible:
Suspicious login attempt behavior - Login attempt patterns identified by IT Security as indicators of attempted compromise. For example, excessive failed login attempts in a given time frame that would suggest a brute-force attempt to guess an account password.
Questions related to the daily operational interpretation of this policy should be directed to:
ITS – IT Security
Approved by the President/Provost 4/8/2020
Review again on 4/8/2025