Graylock Passwords

The Graylock Active Directory Domain utilizes Microsoft technologies. These technologies are among the most actively attacked and compromised. The Graylock Domain protects the college's most sensitive and important data. Strong, secure passwords are on the front line of preventing unauthorized use and abuse.

Graylock Domain passwords have a few restrictions placed upon them:

  • Maximum password age of 90 days
  • Must not match the previous 5 passwords
  • Must be at least 10 characters long
  • Must meet complexity requirements:
    • Must not contain the user’s entire Account Name or entire Full Name. The Account Name and Full Name are parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the Account Name or Full Name is split and all sections are verified not to be included in the password. There is no check for any character or any three characters in succession.
    • Must contain characters from three of the following five categories:
      1. Uppercase characters or capital letters (A through Z)
      2. Lowercase characters (a through z)
      3. Numeric characters or numbers (0 through 9)
      4. Non-alphanumeric characters or punctuation marks (for example, !, $, #, %)
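
The length and complexity rules above, written out as an added Python example (not Graylock's or Microsoft's own code) so the name-splitting and category checks can be tried against candidate passwords. It implements the four categories listed on this page and assumes a case-insensitive name comparison and that name sections shorter than three characters are skipped; the sample user and passwords are constructed.

```python
import re

# Delimiters listed on the page: comma, period, dash/hyphen, underscore, space, pound sign, tab.
DELIMITERS = re.compile(r"[,.\-_ #\t]+")
MIN_LENGTH = 10       # "at least 10 characters long"
MIN_CATEGORIES = 3    # "three of the following ... categories"
MIN_SECTION_LEN = 3   # assumption: shorter name sections are ignored


def name_sections(account_name, full_name):
    """Split both names on the listed delimiters; return lowercase sections."""
    sections = set()
    for name in (account_name, full_name):
        for part in DELIMITERS.split(name):
            if len(part) >= MIN_SECTION_LEN:
                sections.add(part.lower())
    return sections


def categories_used(password):
    """Count how many of the four listed character categories appear."""
    checks = (
        any("A" <= c <= "Z" for c in password),   # 1. uppercase A-Z
        any("a" <= c <= "z" for c in password),   # 2. lowercase a-z
        any("0" <= c <= "9" for c in password),   # 3. digits 0-9
        any(not c.isalnum() for c in password),   # 4. non-alphanumeric
    )
    return sum(checks)


def check_password(password, account_name, full_name):
    """Return a list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    lowered = password.lower()  # assumption: comparison ignores case
    for section in sorted(name_sections(account_name, full_name)):
        if section in lowered:
            problems.append(f"contains name section '{section}'")
    if categories_used(password) < MIN_CATEGORIES:
        problems.append("too few character categories")
    return problems


if __name__ == "__main__":
    # Constructed sample user and passwords, not real accounts.
    for pw in ("Smith#2024xx", "alllowercaseonly", "Tr4il-Marker-9"):
        print(pw, check_password(pw, "jsmith", "Smith, Jane Q."))
```

Password age and history are not covered here because they depend on state stored by the domain controller.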

In addition to meeting the requirements above, we recommend that users utilize strong passwords. The following definition of strong passwords is from Windows 2003 Server Help:

Strong Passwords

The role that passwords play in securing an organization's network is often underestimated and overlooked. Passwords provide the first line of defense against unauthorized access to your organization. […]

Weak passwords provide attackers with easy access to your computers and network, while strong passwords are considerably harder to crack, even with the password-cracking software that is available today. Password-cracking tools continue to improve, and the computers that are used to crack passwords are more powerful than ever. Password-cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and brute-force automated attacks that try every possible combination of characters. Given enough time, the automated method can crack any password. However, strong passwords are much harder to crack than weak passwords. A secure computer has strong passwords for all user accounts.

A weak password:
  • Is no password at all.
  • Contains your user name, real name, or company name.
  • Contains a complete dictionary word. For example, Password is a weak password.

A strong password:
  • Is at least seven characters long.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete dictionary word.
  • Is significantly different from previous passwords. Passwords that increment (Password1, Password2, Password3 ...) are not strong.
  • Contains characters from each of the following four groups:
    • Uppercase letters: A, B, C …
    • Lowercase letters: a, b, c …
    • Numerals: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
    • Symbols found on the keyboard (all keyboard characters not defined as letters or numerals): ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /

It is OK to write down your passwords, but they are worth more to MCAD than all the cash on campus and must be kept in a safe place. It is not acceptable to put them on your monitor, beneath your mouse pad, keyboard, etc.

Never share your password, even with Technology staff. Technology staff will never ask you for your password.