IT Password Policy

Your Emerson College ECnet account grants access to a large number of internal resources that may contain sensitive and confidential information. Emerson College takes the security and integrity of this account seriously, and as such, requires a 12 character minimum password length.

Emerson advocates the use of a "pass phrase" – combining individual words that do not necessarily belong together to achieve length. Complexity can be added, such as spaces and capitalization.

Example of a bad passphrase: purplegreenbluered. Example of a good passphrase: Purple windowsill BLEEDING edge

Your password does not expire, though Emerson IT will biannually remind you that industry standard best practice is to periodically update your password, and we recommend that you do that.

Staff and Faculty members in certain departments may fall under internal department-specific policies requiring you to change your password on a schedule. Each department will make their own determination to best meet their needs and confidentiality requirements.

Additionally, Emerson College employs an account lockout policy. If you attempt to access your ECnet account with an incorrect password 10 times within one minute, your account will be locked for 10 minutes. This is in place to prevent brute-force password hacking, and is a safety measure. If you think you have forgotten your password, call the IT Help Desk at 617-824-8080 and we can look up your lockout status and assist in resetting your password.