VIMS

Passwords

 To change your password, read the rules below and then - Click Here

The VIMS password security standard requires that users renew their password at least once per year, and that passwords meet minimum requirements for complexity.   ITNS enforces this policy by expiring passwords annually using complexity rules as outlined below.

Your VIMS password gives you access to Email, printing, shared network drives, VPN, and more.    Simple instructions on how to change it can be found here.

 VIMS Password Complexity Rules:

1.  Passwords must be a minimum of 10 characters in length

2. Passwords must contain characters from three of the following five categories:

  • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
  • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
  • Base 10 digits (0 through 9)
  • Nonalphanumeric characters: %,!,@,#,$,^,&,*,-,+,=,|,\,(,),{,},:,;,?
  • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.

3. Passwords must not contain the user's account name or full name

4. Passwords cannot be re-used for three generations.

 

ITNS suggests using “passphrases” with complex characters instead of passwords.  They are easier to remember, yet more difficult to crack.     

For example:  L3tsG0$k11ng ---->  LetsGoSkiing.    

This passphrase meets the required complexity and length.     It is longer than required and it contains no single dictionary words.

 

Here is a list of Best Practices when creating and managing your passwords:

  • Don't share your account and password with anyone.
  • Don't write your password down.
  • Change your password often, more frequently than the required 12 months.
  • Beware of Phishing scams.
  • Longer is better because they are harder for a 'bot' to crack.
  • Mix letters and non-letters in your passwords (numbers and punctuation characters on the keyboard).
  • Transform a phrase by using numbers or punctuation ("Idh82go" for "I'd hate to go" or "UR1drful" for "You are wonderful").
  • Avoid choosing a password that spells a word. But, if you must, then introduce "silent" characters into the word ("va7ni9lla").
  • Deliberately misspell the word or phrase ("choklutt").
  • Add random capitalization to your passwords. Capitalize any but the first letter. ("eIeIoH!" or "o.U.Kid")
  • Don't use your first, middle, or last name in any form.
  • Don't use a word contained in any dictionary. Masking these words by replacing letters with numbers is not sufficient protection.
  • Don't put non-alphabetic characters at the beginning or end of words. Passwords like 7laptop or rockiesx are easily guessed by password guessing programs.

 

If you are having difficulty re-setting your password, make sure you are meeting these minimum requirements.   Please contact ITNS either by email or phone if you have any questions or concerns.