Guarding the data integrity and reputation of the college, as well as protecting confidential information of students and employees, are critical reasons for implementing password controls. Please read the guidelines below carefully, as you will be affected by these new password controls.
Passwords
- Must be at least 8 alphanumeric characters long
- Must contain both upper and lower case characters and digits (e.g., a-z, A-Z, 0-9)
- Must contain at least one special character:
~ ^ * _ ? \ . / ! + - { } [ ]
- Must not contain:
@ $ & “ : ( ) , < > ` ; = | # % (and blank spaces)
- Have a life of 6 months and cannot be reused for at least 1 year
- Have a 7 day grace period after expiration
- Will lock you out after 3 failed login attempts (after which the account will automatically be unlocked after 3 days).
In addition, idle timeout sessions is invoked. If Banner is left idle for 1 hour, you will be need to log into Banner again.
Password Controls FAQ's
How do I change my password after it expires?
You will get a warning message in Banner when your password expires. If you are in the grace period, go to GUAPSWD in Banner to change your password. If your grace period has expired, you will automatically be required to change your password.
What happens if I enter an incorrect password?
After 3 failed attempts, your account will be locked. Please contact the Helpdesk to request that your account be unlocked. (Note that the Helpdesk staff do not have the authority to unlock passwords and they will need to route the request to the appropriate staff in LIS.)
If I change my password in production, are other databases updated with the new password?
No, the change is only made to the database you are logged into. However, for those using the reporting database (for Hyperion), the password change will automatically be triggered when you change your password in the production database.
Are there any limitations in using Banner during the grace period?
Yes, there is. Currently Banner validates your password every time you run a process through job submission. However if your password has expired, Banner does not consider your password valid during the grace period. Therefore, if you are running jobs in Banner, it is important that you change the password as soon as you get the expiration message. Also note that the password expires 6 months from the time you change your password. If you changed your password at 10:00 AM today, it will expire at 10:00 AM 6 months from now. Hyperion, Intellecheck, and Evisions will not accept passwords during the grace period.
We are looking into creating a Hyperion query advising those who are close to their expiry date.
Are any other applications affected by this change?
When you make a password change in Banner, you must use that password in Hyperion (for Banner security, not the Hyperion login), Intellecheck, and Evisions.
Are there any other any naming convention restrictions?
The following special characters may be used:
~ ^ * ? \ / ! + - { } [ ]
The following special characters may not be used:
: @ $ & “ ( ) , < > ` ; = | # % (and blank spaces)
Also a password should not contain:
- personal information, names of family, etc.
- personal information such as addresses, social security numbers, or phone numbers
- any representation of the user's birthday
- a word found in a dictionary (English or foreign)
- a common usage word
- a word in any language, slang, dialect, jargon, etc.
- names of famous people, characters in TV shows or movies
- name of family, pets, friends, co-workers, fantasy characters, etc.
- "Middlebury College", "middlebury", or
- any derivation alphabetic or numerical pattern such as aaabbb, qwerty, zyxwvuts, 123321, etc.
- any of the above spelled backwards