Password Controls for Geneseo Accounts

Scope

This policy applies to anyone who has a Geneseo user account. Includes but in not limited to: 

• Students
• Employees
• CAS Employees
• Volunteers
• Retirees

Policy

To prevent unauthorized access to SUNY Geneseo computer systems, users must practice proper password management. This includes:

• Never share your Geneseo password with anyone.
• Never use the same password for more than one account.
• Never tell your password to anyone.
• Never write down your password.
• Never communicate your password by telephone, email, or messaging.
• All user accounts must enroll in and use Multifactor Authentication.
• Log off or lock the screen before leaving a computer unattended.
• Change your password if there is suspicion it has been compromised.
• Consider using a password manager to create and remember complex passwords.

Guidelines

Password must meet the following complexity requirements:

• Your password must contain at least 10 characters.
• Your password must contain 3 out of the following character types:
  • Uppercase letter
  • Lowercase letter
  • Number
  • Special character (e.g. !@#*&).
• Your password must not contain your name or username.
• Your password must not match any of your previous passwords.

Contact

Sue Chichester
CIO & Director, Computing & Information Technology  sue@geneseo.edu