Navex PolicyTech (archive) contains the complete and official password policy, these guidelines will help you remain compliant.
Requirements
Domain passwords must meet these requirements.
- 10 to 256 characters in length
- Change every 6 months
- Contain 3 of 4 character types:
- A-Z uppercase
- a-z lowercase
- 0-9 numbers
- !-? punctuation
- May not include your name
- May not match your previous 12 passwords
Do
Good passwords are long, random, and unique for each service.
- Longer passwords are much stronger
- Use a unique password for every website and application
- Use a mix of letters, numbers, and symbols
- Securely store your passwords in a password manager
Don't
Your password should be unique, known only to you.
- Don't share your password
- Don't accept passwords from others (e.g. do not login for someone else)
- Don't display or hide passwords near keyboards, monitors, mouse pads, unlocked desk drawers
- Refrain from using your work passwords anywhere else
Good Password Generators:
Some trusted tools you may use to help you create good randomly-generated passwords.
- LastPass Password Generator
- Passed.pw
- Microsoft 365 > SharePoint > Bridge > IT > Password Generator
Multifactor Authentication (MFA)
All Riverview Health users are required to enable, enroll, and use multifactor (MFA) authentication for all work-related accounts and services that support MFA.
- Riverview's multifactor (MFA) solution
- Riverview's self-service password reset (SSPR) solution