Norse Key Password Policy

Printer-friendly versionSend to friend

Date Issued: September 12, 2007
Date Revised: March 17, 2008

I. Policy

In order to maintain appropriate network security, all users of Luther College networks and systems are required to periodically change their Norse Key password according to criteria established by Library and Information Services.

II. Purpose

Common security practice at institutions of higher education and businesses require regular changes of passwords to maintain secure access to resources.

III. Scope

Applies to all faculty, staff, students, and other users who have a Norse Key.

IV. Terms and Definitions

  • Norse Key - A Norse Key is your gateway to most digital resources at Luther College. Specifically, it is your username and password that is used to log onto services such as your Luther email, My.Luther.edu, the campus directory and many others.
  • Datatel system user - A person who has access to the full client, as opposed to only being able to access my.luther.edu.
  • Norse Key Accessible Services
    • Luther email
    • Norse Apps
    • My.Luther log on
    • Lab computer log on
    • katie.luther.edu log on
    • Academic H:, T: and departmental drives (students/faculty)
    • Administrative H:, T: and departmental drives (staff)
    • Oracle Calendar
    • ResNet registration
    • Faculty and staff computer log on (Windows XP)
    • Campus directory log on
    • Alumni directory log on
    • Sophos.luther.edu log on and automatic updates
    • Off-campus access to Library resources (e.g. Academic Search Premier, JSTOR, Project Muse, etc.)
    • Help Desk website
    • LIS website
    • Library catalog
  • Services Not Currently Accessible via Norse Key
    • Datatel (Colleague, Benefactor, Safari)
    • CBORD (Campus Card System)
    • AdAstra Room and Event Scheduler
    • Citrix Client
    • HMS (Housing Management System)

V. Procedures and Guidelines

1. Policy Statements

  • All Norse Key passwords and Datatel System User passwords must be changed every 180 days.
  • Passwords must be at least 8 characters long.
  • Passwords must contain at least one number.
  • Passwords must contain at least one character.
  • Passwords cannot be blank and cannot contain any spaces.
  • Paper on which passwords are written must either be destroyed after use or stored in secure locations.
  • A password history will be retained and require users to use original passwords when updating them.
  • Users must review the college Statement of Responsibility and signify their compliance as a condition of changing their Norse Key and being granted access to the Luther College network.

2. Implementation

  • Datatel System User passwords are currently changed every 180 days. No implementation steps are required for Datatel System Users.
  • In March 2008, LIS will announce the new password policy to the campus.
  • Beginning March 13, 2008, any Norse Key password changes made from this point forward will be logged, and 180 days following the change, a new password will be required.
  • Beginning March 19, 2008, all newly generated Norse Key passwords or changes of Norse Key passwords will adhere to the policies stated above(8 characters, use of password history, must contain one number, no spaces, etc.).
  • On April 16, 2008, all users who have not changed their Norse Key password since March 12, 2008, will be required to do so.
  • Users will receive five notification/reminder messages prior to the expiration of their password. The first will be sent two weeks prior to expiration, the second one week prior to expiration, the third 3 days prior to expiration, the fourth 2 days prior to expiration, and the fifth 1 day prior to expiration. Users will be prompted to visit norsekey.luther.edu to change their Norse Key password.

VI. Confidentiality and Record

Library and Information Services is responsible for assuring the Datatel system users and Norse Key passwords expire every 180 days.