Security, Policies & Guidelines
Administrative Server Password Security Implementation Procedure
NMSU policy mandates that passwords for administrative server access be at least six characters in length and contain at least one numeric character. UNIX System Administration has set all UNIX administrative servers to enforce this policy at the operating system level. NMSU policy further states that these passwords are mandated to change every 120 days. To ensure this happens on schedule all user and system passwords are set to expire at that interval.
The Manager of UNIX System Administration will schedule on his calendar when new system passwords are to be generated and then changed. The UNIX System Administrators will then change the passwords by logging into all systems they are responsible for and issuing the appropriate password change command. Non-system users will automatically be prompted to change their passwords at logon time, once their password interval has been exceeded.