The browser you are using is out of date and may not support all of the features of this website. Please update your browser to a modern browser that supports HTML5.

Purpose

This document establishes a standard for password creation and protection in order to mitigate compromise of sensitive or confidential information.

Scope

This security standard applies to all users (employees, contractors, vendors, and other parties) of Georgia Southwestern State University technology systems.

Standard

All passwords shall be constructed with the following characteristics:

  1. At least 10 characters in length
  2. Must contain characters from at least 3 of the following categories:
    1. English uppercase letters (A-Z)
    2. English lowercase letters (a-z)
    3. Base 10 digits (0-9)
    4. Non-alphanumeric characters (for example, !, $, #, %)
  3. Must not contain the user’s name or part of the user’s name
  4. Must not contain accessible or guessable personal information about the user (such as birthdays, children’s names, addresses, etc.)
  5. Must be different from your previous four passwords

All system-level passwords (e.g., root, enable, Windows admin, application administration accounts, etc.) shall be changed every 90 days. All user- level passwords (e.g., email, web, desktop computer, etc.) shall be changed every 180 days.

Temporary or “first-use” passwords may violate the above requirements, but must be changed by the user upon first logon.

Administrators are given authority to determine security of passwords that violate the above requirements if other measures are put in place, such as account lockout or password history.

All passwords should be treated as confidential information, and should not be shared with anyone, including but not limited to administrative assistants, system administrators, and helpdesk personnel.

Passwords shall not be stored in clear text. Cryptography shall be used when storing password information. Passwords shall not be inserted into email messages or other forms of electronic communication unless encrypted.

User accounts that have system-level privileges granted through group memberships or programs shall have a unique password from other accounts held by that user.

If an account or password is suspected of being compromised, the incident must be reported to the appropriate access administrator or in accordance with local incident response procedures.

applyrainclassScheduleemaildonateGeorgiaViewCanes ConnectBeaconyoutubeinstagramtwitterfacebook

© Georgia Southwestern State University, 800 Georgia Southwestern State University Drive, Americus, Georgia 31709 | (877) 871-4594

Email Access

To login into email, please select if you are a student or Faculty/Staff

Student Email    Faculty/Staff Email

×

Apply to GSW

Thank you for your interest in Georgia Southwestern. What would you like to apply for?

Undergraduate Admissions    Graduate Admissions    Check Admission Status

×

Site Login

You can use this portal to login to the GSW website.  This will allow you to make instant edits to your pages. If you do not have an account and are a GSW Faculty/Staff member please click here.

Please be sure to logout when you are done!

×