Employee Password Rules
An Easy Recipe for a Secure Password
1. Take two common words; e.g., 'hours' and 'tree.'
2. Add a number, and use as your password; e.g., '9hourstree,' 'hours9tree,' or 'treehours9.'
NOTE that you can't use words that form a natural compound, such as 'yard' and 'arm.'
In addition to being between eight and 32 characters, a valid password for Amherst employees (faculty, staff, and administrators) must obey the following rules:
- Include at least two of the following three types of characters:
- alphabetic (A to z; upper-case, lower-case, or both)
- numeric (0 to 9)
- special ( !@#$%^&*)
- When stripped of any beginning or ending numerals and special characters, the remaining letters must not be a common password or an English, French, Spanish, or German word.
- You can’t reuse any of your previous ten passwords
- Ten minutes must have elapsed since you last changed your password.
PASSWORD LOCKOUT POLICY
If 20 failed attempts to log in to any user account occur within a ten-minute period, that account will be blocked from all College supported electronic resources for the next ten minutes so that IT can verify that no one is trying to gain unauthorized access to our network.