It's time to upgrade our user account security!
Just a reminder this password reset is for your computer/email login credentials.
Passwords must now meet the following minimum requirements:
1. Must not contain the user's account name
2. Be at least 10 characters in length
3. Contain characters from three of the following four categories:
Uppercase characters (A through Z)
Lowercase characters (a through z)
Base 10 numbers (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
I'd suggest making your password a phrase with a combination of letters, special characters, and numbers such as the following example:
Note: Do NOT use this password, if used your account will be flagged.
Another good practice for password security is to come up with a phrase and use the first letter of every word in the phrase as your password.
In this case replacing the word "to" with the number "2." Of course this alone will not meet our requirements, you will need to also include a special character, such as an exclamation mark or hashtag, or an uppercase letter.
Please also note that this new policy in place will not allow the re-use of the last password that has been used.
As per the AUP (Acceptable Use Policy) please do not share your password with anyone.
You could be held responsible for any actions another user may have taken while using your account, so please protect yourself and remove all possibility of this occurrence.
Avoid using the same password on multiple accounts. Your password should be unique. Using one password makes it way too easy for a hacker to attack one site and get your password to all the others.
We would also like to encourage everyone to use a password manager/vault, such as LastPass.
This would give a place to store your passwords that is secure and keep from any bad practices taking place such as...
On another note, all staff will receive an email alert when their password is nearing expiration, this will be 182 days after this initial reset. The first alert will be a month before the password expires, followed by two more 7 days apart, then followed by a daily alert for the last week before your password expires. The email will give a link to follow in order for you the change your password along with a link directing you here!
The following is what the email notification will look like:
After resetting your password and logging back in to your account, you might see an alert that the system was unable to unlock your login keychain. This is expected, because the passwords for your user account and login keychain no longer match. Just click the Create New Keychain button in the alert.
If you didn't see an alert about your login keychain, or you see other messages asking for your old password, reset your keychain manually:
- Open Keychain Access, which is in the Utilities folder of your Applications folder.
- Choose Preferences from the Keychain Access menu, then click the Reset My Default Keychain button in the preferences window. After you enter your new password, Keychain Access creates an empty login keychain with no password. Click OK to confirm.
If you don't see a Reset My Default keychain button, close the preferences window and select the “login” keychain from the left side of the Keychain Access window. Press the Delete key, then click Delete References.
- Choose Log Out from the Apple menu to return to the login screen.
- Log in to your account using your new password. Your account password and login keychain password now match again.
If your Mac keeps asking for the login keychain password please follow this link to Apples support article:
Apples Support Keychain Article