1. IT Services Policy and Rules

Passwords on IT Services systems:
  1. Must not be simple words, names or other easily-guessed items such as postcodes or car number plates
  2. Must be changed at least once a year
  3. Must not be given to anybody else. Your account is for your use only.

The IT Committee's Security and Privacy Policy Group has drawn up a security policy for the University. Suspected breaches of security are handled by the Oxford University Computer Emergency Response Team (OxCERT), which also has an advisory role.

The policy of requiring passwords to be changed at least once a year is in direct compliance with the advice of OxCERT, operating under the above University policy. There is another web page giving more details about the policy of password expiry.

Up: Contents Next: 2. What is password security?

Sections in this document: