UAMS Password Policy Changing; Implementation Delayed until Oct. 1
| Delayed – Due to some unforeseen system dependencies that will need to be remediated prior to launch, this change will be delayed 30 days with a new go live date set for Oct. 1, 2021. We know everyone is looking forward to the change and we apologize for the inconvenience.
To better align with current security recommendations from the National Institute of Standards and Technology (NIST) UAMS is updating the network password policy for all users. The result of this change will be to eliminate password expiration, meaning that users will no longer be required to change their passwords every 120 days, and to increase the required minimum password length from 8 characters to 12 characters.
We will begin implementing this policy change on Oct. 1, 2021. The implementation will be fully deployed, and users transitioned to the policy over one full 120-day expiration cycle. No action will be required on the start date. Your current password will continue to work without any issue. You can simply wait until your current password reaches its expiration, and upon changing the password you will be required to provide a new minimum 12-character password. After you have set your new minimum 12-character password, you will no longer be required to change your password on a regular basis going forward. You will still need to change your password in the future if any compromise of your password is suspected by you or UAMS IT.
When choosing a password, it is recommended to avoid personal information such as your name, the names of family members, or your date of birth. It’s also recommended to avoid using generic and sequential information in your password such as Password123 or ABC123.
Create a unique password for your UAMS domain account – in other words, do not use the same password for your UAMS domain account that you use for your personal email address, bank account, or social media accounts.
You can review the updated policy regarding password management on Compliance360 by going here:
Policy 2.1.37 – Information Security & Password Management