Briefing ID #: 24313

ALL EMPLOYEES - New Minimum Password Length for Dadeschools Networked Resources
Category:

 

 

Audience: 

All Employees

 

 

Due Date:

n/a

Meeting Date:

n/a

 

 


To address multiple audit findings and to begin aligning the District with the National Institute of Standards and Technology guidelines regarding passwords, M-DCPS will be migrating users to a longer minimum password length.


  • In response to multiple audit findings and to ensure our security is aligned to National Institute of Standards and Technology guidelines, M-DCPS will be migrating users to a longer minimum password length.
  • The new network password format for employees will include the following:
    • Minimum of 12 characters
    • Required combination of letters, numbers, special characters with:
      • at least one upper case and one lower case letter,
      • AND at least one number,
      • AND at least one non-alphanumeric/special character (i.e., !,@,#,$,%,&,+,?, etc.).
  • In accordance with national standards, these passwords will not expire, unless the user believes it has been compromised.
  • The mainframe (DSIS) password format will remain the same; this means that DSIS users will have 2 separate passwords (one for the mainframe and one for all other M-DCPS networked resources).
  • The new standard will be enforced beginning March 1, 2019 upon the expiration of their current password.
  • Employees whose passwords expire after May 31, 2019 will be forced to reset their passwords.
  • The new self-service password reset procedure will require that all users re-register and complete their profile by answering 4 personal security questions.
  • The self-service reset tool will now require mainframe users to select which password (network or mainframe) they wish to reset.
  • All users are strongly encouraged to provide a mobile phone number for their self-service reset profile. This element will allow users to reset their passwords without having to answer profile challenge questions.
  • Users are discouraged from using their dadeschools.net password for other online accounts to avoid compromising their accounts.
  • Student passwords will not be affected by this change.

 

Contact:

Heat Self Service ( http://selfservice.dadeschools.net )

Department:

Information Technology Services