Password Rules

In accordance with DOE Notice 205.3 and guidance in 205.3-1, all passwords in use on any system at Jefferson Lab (JLab) must be in accordance with the following rules and guidelines.

Password Selection

  1. At least eight non-blank characters.  Your password can be longer than eight characters, but not less than.
    • At JLab the only exception may be certain single-board computers.
  2. A combination of letters (upper and lower case), numbers, and at least one special characterall.  ALL of these conditions must be met within the first eight positions.
    • At JLAB the only exception may be certain single-board computers.
  3. A non-numeric in the first and last position.
  4. Does not contain any part of your username or common name.
  5. Does not include the user's own or, to the best of his/her knowledge, close friends - or relatives - names, employee serial number, Social Security number, birth date, phone number, or any information about him/her that the user believes could be readily learned or guessed.
  6. Does not, to the best of the user's knowledge, include common words that would be in an English dictionary, or from another language with which the user has familiarity.
  7. Does not, to the best of the user's knowledge, employ commonly used proper names, including the name of any fictional character or place.
  8. Does not contain any simple pattern of letters or numbers, such as "qwertyxx' or "xyz123xx".

These conditions listed above hold true provided such passwords are allowed by the operating system (OS) or application.

Password Protection

Individuals must not:

  1. Share passwords; the only exception is "in emergency circumstances or when there is an overriding operational necessity".
    • You must get prior agreement from the Computer Center Security officer before sharing passwords.
  2. Leave clear-text passwords in a location accessible to others or secured in a location whose protection is less than that required for protecting the information that can be accessed using the password;
  3. Enable applications to save passwords for subsequent re-use.
    • this includes e-mail - do not let it remember your password.

Password Changing

Passwords must be changed:

  1. At least every 6 months;
  2. Immediately after sharing;
  3. As soon as possible, but within 1 business day after a password has been compromised, or after one suspects that a password has been compromised;
  4. On direction from management.

If you have any questions or concerns regarding these rules, or problems changing your JLab CUE password, please contact our IT Division Help Desk.