What are the new password requirements that take effect in December 2013?

The RACF ID Password Rules have changed in order to strengthen the security of the Inside Courts web site as well as the various court applications including Odyssey.  The new rules take effect on November 14, 2013, however not everyone will be impacted immediately.  The new password rules will take effect as users' passwords expire, after the December 12, 2013 date.

The new Password Rules are as follows:

RACF ID passwords MUST

  • be exactly 8 (eight) characters; no more, no less.
  • contain at least one upper case letter.
  • contain at least one lower case letter.
  • contain at least one number.
  • NOT be easy to guess.
  • be changed at least every 90 days.

Additionally, the following special characters can be used, but are not required: @ # $

If special characters are used they are considered upper case characters, so they can be used in place of an upper case letter.

The system will still remember the last 10 (ten) passwords so each time a password is reset it should be unique.

Below are some tips for creating a strong password from the Director of Security Services of Intrinium Networks:

  • Don't use one of the most common passwords - Examples: Fall2013, Passwrd1.  Anything that can be easily guessed.  Hackers will try common logins manually before going to more advanced techniques.
  • Don't be too personal - Family member's names, pet's names, birth dates, anniversary dates, favorite sports teams, etc. are easily guessed.
  • Don't use dictionary words - Hackers are using programs that try millions of password permutations against a login or encrypted password.  This includes words in other languages (real or fictitious).
  • Don't disclose it - Creating a strong password is a wasted effort if someone can overhear it being said aloud or if they can locate it on a Post-it note inside your desk.
  • Try using special characters as replacements - Use special characters and/or numbers in place of letters within your password.
  • Try creating a mnemonic - Use a quote, song lyric, or other phrase that is familiar to you and use the first letter of each word as the characters for your password.  Example: "Friends, Romans, countrymen, lend me your ears (3)" would be FRclmye3.  Or use the 3 in place of the e and add a special character to the end like FRclmy3#.

Users can check the strength of their passwords using the Microsoft password checker at the following location:  https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx (search words are "Microsoft check password strength")

Microsoft also has a link for tips to create strong passwords: http://www.microsoft.com/en-gb/security/online-privacy/passwords-create.aspx  (search words are "Microsoft create strong passwords").  Please note that passwords still must meet AOC's password requirements.

RN id: 2336