Complex Network Password Policy

Overview:
MCC uses Microsoft's complexity rules for passwords.
A complex password is the first line of defense against unauthorized access to your computer and related network resources.

Complexity Rules:
The password complexity rules are as follows:

  • A complex password must have a minimum length of 12 characters.
  • A complex password cannot contain any part of the user's account name.
  • A complex password must follow three of the following four rules:
Rule:
  1. Include an English uppercase character (A - Z):
  2. Include an English lowercase character (a -z):
  3. Include a number (0-9):
  4. Include a special character (!@#$%&*):
Example:
BlueShoes#2
FunInSuns@1
3GreenTrees@
Friedeggggs4%

Do not use any of the examples above as a password.

  • A complex password is significantly different from previous passwords. The system will remember the last twenty-four passwords used, and will not allow these as choices for a new password.

    Note: Passwords will expire after 90 days.

There is a self-service password reset tool available to members of the MCC community.

About Best Practices (excerpted from Microsoft.com):

  • Always use complex passwords (see above)
  • If passwords must be written down on a piece of paper, store the paper in a secure place and destroy it when it is no longer needed.
  • Never share passwords with anyone.
  • Change passwords immediately if they may have been compromised.
  • Be careful about where passwords are saved on computers. Some dialog boxes, such as those for remote access and other telephone connections, present an option to save or remember a password. Selecting this option poses a potential security threat.
Last Modified: 2/22/24