Network Account Password Policy

Background

The USNA Mission network is a Windows Active Directory (AD) Directory Services network. A “network password” allows login to a network account and access to AD services. Google Apps for Government, the Blackboard Learning Management System, and shared network file storage are also accessible from a network login if these additional information technology (IT) services were authorized.

Accounts for IT services that do not authenticate using AD require a separate login (e.g.: MIDS). Changing a network password does not change the password for these other IT services.


Policy

Authorized users of the USNA Mission network have consented to the Acceptable Use Policy for USNA IT Resources and the Navy User Agreement and Consent Provisions, and have accepted responsibility for secure operational behavior which includes protecting and maintaining passwords. The following complexity requirements are in effect for standard non-privileged-user network account passwords:

  • Must be at least 14 characters in length.
  • Must contain at least:
    • Two uppercase letters [A-Z]
    • Two lowercase letters [a-z]
    • Two digits [0-9]
    • Two special characters [e.g.: !@#$&*]
  • A password cannot contain your network account name, username or display name.

Example: If account name = Joe Gish

                  And username = jgish

                  And display name = Joe Gish CIV USNA Annapolis

Then regardless of case, the following cannot be any part of a password:

joe, gish, jgish, civ, usna, annapolis

  • A password cannot be changed to any of the most recent 24 passwords.
  • Must have at least 4 characters not found in the previous password.

Using the self-service password portal

The password portal is accessible from a link on the USNA A-Z index web page. It offers the following self-service capabilities for a standard, non-privileged-user network account: 

  • Enroll in the self-service system (one-time enrollment, which then allows a user to Reset and Unlock after answering personalized identity questions).
  • Change a password (if the current password is known). A password can only be changed once per day.
  • Reset a password (if the current password was forgotten). This option will then require a user to immediately change the password, which can only be done once per day.
  • Unlock an account (if it was locked due to incorrect password attempts). You must be currently enrolled in the Password Portal system to use Unlock.

It is Important That Users Enroll:

If a user is not enrolled a password cannot be Reset and an account cannot be Unlocked from off-Yard, regardless of whether you are on sabbatical, an exchange student, or otherwise dislocated from the Yard. The Password Portal is provided to service exactly these circumstances. You should enroll!


Problems

If you are otherwise unable to change your network account password it can only be done by verifying your identity face-to-face with a designated member of the Cybersecurity Workforce during normal working hours.  For questions about passwords you may contact the ITSC in Ward Hall G1 (410-293-3500) .

Back to top