CWSL Information Technology Service Desk

Overview 

What this password policy means for you:

• You and only you should know your CWSL network logon password. You should never share your password with anyone.
  
• Passwords must meet complexity requirements (see below). 
• You will not be able to reuse a password you used previously.
  
• You will exercise caution and security awareness any time you enter your username and password into an unfamiliar web site. 

Password Complexity Requirements and Policies
 
1. Passwords shall be a minimum of ten characters in length. Longer passwords are encouraged, however. 

2. Passwords shall consist of at least three of the following four character sets:

• Lowercase alpha characters (e.g. a, b, c, d, e)
• Uppercase alpha characters (e.g. A, B, C, D, E)
• Numbers (e.g. 1, 2, 3, 4, 5)
• Special symbol or punctuation characters (e.g. ! @ # $ % & * _ + ~ . ,>)

3. Don't use your CWSL password for external systems or personal sites. Do not use the same password for different areas (i.e. don't use the same password for the CWSL network that you use for computer systems, applications, personal accounts, etc.). 

Practical Strategies for Protecting Passwords 

• All passwords should be treated as confidential information. Don't include passwords in any documentation. Never send passwords (especially yours!) via email.
  
  
  
• Do not share your CWSL password with anyone.  This includes family members, co-workers, supervisors, administrative assistants, consultants, or even IT (we do not want to know your password, and we will politely refuse it if you offer it to us!).
  
  
  
• Information Technology will never send you an email message asking for your password. This one is important!  IT will never, ever, ask you for your password.  We can support and assist you without knowing your password. If you ever receive such a request, consider it a forgery (i.e. a phishing scam). Disregard any such messages you may receive.  The classic phishing scam email that asks you to "log in to upgrade your webmail account" is still out there, circulating in the wild. People still fall for it. Don't be one of those people.
  
  
  
• Do not write passwords down or store them anywhere in your office or even around your home! Do not store your CWSL password in a notebook, on a sticky note, or in an unencrypted file on any computer system. The best place to store your CWSL password is in your head!  Pick a good, memorable password. If you feel you must store your password somewhere, use a strong password manager like LastPass or 1Password.  
   
  
• Be mindful of who is around you or looking over your shoulder when typing your password.

Other notes:

• Please keep in mind that any time you change your password you will need to change it on any and all devices that use a CWSL password  (typically smartphones, tablets, laptops, and other devices that connect to the CWSL wireless network using your network credentials).
  
  
• If you need to change your password and logging into your office workstation is not an option, log into the Office 365 portal at https://go.cwsl.edu.