Changes to Password Complexity Rules

Posted: March 19, 2013

Recent changes to password complexity rules will require you to take extra care when selecting College of Ag and PSU user account passwords.

Ag IT recently made changes to the password complexity requirements that College of Ag users will need to follow when selecting their College of Ag (AG) account passwords.  These changes have come as a result of security requirements identified during the Penn State IT Audit.

In the past, Ag IT has recommended that users keep their AG account passwords and their PSU account passwords the same. This practice can be very helpful. Many services, such as Exchange/Outlook email, SharePoint and logging into an Ag Domain computer, require the use of your AG user account. Other services, such as Adobe Connect, Plone, ANGEL and the Employee Self-Service Information Center (ESSIC), require the use of your PSU account. Some users find it difficult to remember which account is used for which service. Maintaining the same password for both accounts eliminates that problem. NOTE: Ag IT strongly recommends that you do not use the same password for any other user accounts (e.g., Gmail, Facebook) that you may have.

Unfortunately, the password complexity rules for your AG account could not be matched identically to the rules for your PSU account.  For instance, your PSU account password cannot be the same as your userid, but your AG account password cannot contain your userid at all.

These differences in password rules can make it challenging for users to generate passwords that are acceptable to both systems. To assist users in generating passwords that can be matched for PSU and AG accounts, Ag IT has developed a consolidated list of password criteria. When visiting the site to change your AG password, you will see the new criteria (they are also listed below). Unfortunately, when visiting the site to change your PSU password, you will see the PSU criteria, which are not fully compatible with your AG account. When you are ready to change your passwords (AG and PSU require a password change once every 365 days), it will be important that you refer to the new criteria and decide on a password before accessing either system.

IMPORTANT TO NOTE: To generate a password that can be used with both your AG and PSU accounts, follow these password rules:

  • It must be at least eight characters in length.
  • It must contain characters from AT LEAST 3 of the following 4 categories.
    • at least one upper-case alphabetic character (A through Z)
    • at least one lower-case alphabetic character (a through z)
    • at least one numeral (0 through 9)
    • at least one non-alphanumeric character such as $ . , ! % ^ *  (NOTE: You CANNOT use any of the following @ / \ & # ‘ “ ( ) < > | `)
  • It cannot contain three or more occurrences of the same character.
  • It must be significantly different from the previous seven passwords you have used.
  • It cannot contain your user ID.
  • It cannot start or end with your initials.
  • It cannot include your first, middle, or last name.
  • It should not be information easily obtainable about you. This includes license plate, social security, telephone numbers, or street address.
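
The consolidated rules above can be checked locally before you visit either password site. The following is an added example, not Ag IT's own code or the check either system actually runs. It assumes case-insensitive matching for user ID, initials and names, reads the repeated-character rule literally, and does not cover the password-history or "easily obtainable information" rules, which need data a local script does not have.

```python
import re
from collections import Counter

# Characters the page lists as not allowed. Straight and curly quote forms are
# both included (assumption about which quote characters the page means).
FORBIDDEN = set("@/\\&#'\"()<>|`\u2018\u2019\u201c\u201d")

def check_password(password, userid, first, middle, last):
    """Return a list of rule violations; an empty list means every local check passed."""
    problems = []
    pw = password.lower()  # assumption: identity checks ignore case
    if len(password) < 8:
        problems.append("shorter than eight characters")
    bad = sorted(set(password) & FORBIDDEN)
    if bad:
        problems.append("contains disallowed characters: " + " ".join(bad))
    categories = [
        re.search(r"[A-Z]", password),
        re.search(r"[a-z]", password),
        re.search(r"[0-9]", password),
        any(not c.isalnum() and c not in FORBIDDEN for c in password),
    ]
    if sum(bool(c) for c in categories) < 3:
        problems.append("fewer than 3 of the 4 character categories")
    # Read literally: any single character used three or more times anywhere.
    repeated = sorted(c for c, n in Counter(password).items() if n >= 3)
    if repeated:
        problems.append("character used three or more times: " + " ".join(repeated))
    if userid and userid.lower() in pw:
        problems.append("contains the user ID")
    names = [n for n in (first, middle, last) if n]
    initials = "".join(n[0] for n in names).lower()
    if initials and (pw.startswith(initials) or pw.endswith(initials)):
        problems.append("starts or ends with initials")
    # Single-letter names (e.g. a middle initial) are skipped here (assumption).
    if any(len(n) > 1 and n.lower() in pw for n in names):
        problems.append("includes a first, middle, or last name")
    return problems

if __name__ == "__main__":
    # Constructed sample user and candidate passwords, for illustration only.
    for candidate in ("Tr9.vole!kim", "Alex2013", "Pass@word1", "Mississ1pp!"):
        print(candidate, check_password(candidate, "abc123", "Alex", "Bailey", "Carter"))
```
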

For more detailed instructions on how you can change your Ag or PSU passwords, you can visit our How To's: How to Change Your Ag Password or How to Change Your Penn State Access Account Password.

If you have any additional questions related to password complexity rules or require assistance in resetting one of your passwords, please feel free to contact the Ag IT Helpdesk and we would be happy to help.