Norse Key Authentication - Draft

Printer-friendly versionSend to friend

Date Issued: November 12, 2007
Date Revised: November 12, 2007

I. Policy

In order to maintain appropriate network security, all users of Luther College networks and systems will be required to periodically change their Norse Key password according to criteria established by Library and Information Services.

II. Purpose

Common security practice at institutions of higher education and businesses require regular changes of passwords to maintain secure access to resources.

III. Scope

Applies to all faculty, staff, students, and other users who have a Norse Key.

IV. Terms and Definitions

  • Norse Key – A Norse Key is your gateway to most digital resources at Luther College. Specifically, it is your username and password that is used to log onto services such as your Luther email, My.Luther.edu, the campus directory and many others.
  • Datatel system user – A person who has access to the full client, as opposed to only being able to access my.luther.edu.
  • Norse Key Accessible Services
    • Luther email
    • My.luther
    • Lab computers
    • katie.luther.edu Learning Management System
    • Academic and Administrative H, T and departmental network drives
    • Oracle Calendar
    • ResNet registration
    • Faculty and staff computers (Windows XP)
    • Campus directory
    • Alumni directory
    • Sophos.luther.edu and automatic updates
    • Off-campus access to Library resources (e.g. Academic Search Complete, JSTOR, Project Muse, etc.)
    • Help Desk website
  • Services Not Currently Accessible via Norse Key
    • Datatel (Colleague, Benefactor, Safari)
    • CBORD (Campus Card System)
    • CBORD HMS (Housing Management System)
    • AdAstra Room and Event Scheduler
    • Citrix Client

V. Procedures and Guidelines

  1. Policy Statements
    • All Norse Key passwords and Datatel System User passwords must be changed every 180 days.
    • Passwords must be at least 8 characters long.
    • Passwords must contain at least one number.
    • Passwords cannot be blank and cannot contain any spaces.
    • Passwords cannot be dictionary words.
    • Paper on which passwords are written must either be destroyed after use or stored in secure locations.
    • A password history will be retained and require users to use original passwords when updating them.
    • Users must review the college Statement of Responsibility and signify their compliance as a condition of changing their Norse Key and being granted access to the Luther College network.
  2. Initial Implementation
    • Datatel System User passwords are currently changed every 180 days. No implementation steps are required for Datatel System Users.
    • In late November 2007, LIS will announce the new password policy to the campus.
    • Beginning December 6, 2007, all newly generated Norse Key passwords or changes of Norse Key passwords will adhere to the policies stated above (8 characters, use of password history, must contain one number, no spaces, etc.) The date of any password changes made from this point forward will be logged, and 180 days following the change, a new password will be required.
    • On April 2, 2008, all users who have not changed their Norse Key password since December 5, 2007 will be required to do so.
    • Users will receive two notification/reminder messages prior to the expiration of their password. The first will be sent two weeks prior to expiration, and the second three days prior to expiration. Users will be prompted to visit norsekey.luther.edu to change their Norse Key password.

VI. Confidentiality and Record

Library and Information Services is responsible for assuring the Datatel system users and Norse Key passwords expire every 180 days.

Related Categories: