Falcon Account: Password Guidelines

A unique Falcon Account username is assigned to every person who has a relationship with the university. Together with a password, this forms the Falcon Account credential that is the institutionally managed credential used for access to IT resources, e.g., email, calendar, D2L, student records, office workstations, and lab computers. Each person must choose a password for their Falcon Account that meets the following minimum requirements: 

  • Contains at least one character from three of the following categories
  • Does not contain your Falcon Account username or parts of your full name that exceed two consecutive characters
  • Must not be the same as any previous password

Additionally, we recommend that your password:

  • does not contain derivatives of your name
  • does not contain a word found in a dictionary
  • is not similar to any previous password (e.g., adding a number or letter)

The Password Self-Service website can generate good password suggestions for you.  You can either use a suggestion directly or alter it after selecting it.  One recommended password technique is to start with initial characters from an easily-remembered phrase (e.g. "The quick brown fox jumps over lazy dog" becomes "tqbfjold") and perform character substitutions or additions ("tqbfj0Ld").

Your Falcon Account is tied to your digital identity at UWRF and may provide access to sensitive personal information.  Protect your Falcon Account password just as you would a credit card:

  • Do not share your Falcon Account password with anyone.
  • Do not write down your Falcon Account password unless it can be stored securely. Encryption in an electronic form (PDA, smart cell phone, software on your computer) is best but this is not always feasible. A password written down on a small piece of paper and stored in your wallet is acceptable. This same piece of paper taped to the bottom of your keyboard, even if it does not list your Falcon Account, is not acceptable.
  • Do not use your Falcon Account password on accounts other than your Falcon Account - not on any derivative accounts or other internet accounts.
  • Application administrators must not encourage use of the password associated with a Falcon Account in combination with any other identifier such as a local application credential or an off-site account.
  • Computer systems and applications must not store the password that is associated with a Falcon Account unless it is stored in an encrypted secure manner approved by the Division of Technology Services (DoTS).

You are required to change your Falcon password at least once a year but you may choose to change it more frequently. Many UWRF IT resources, particularly computer workstations or laptops, provide advance warning of password expirations. Once your password has expired, you will be required to change your password before accessing any IT service. Individuals whose job duties require access to sensitive data or enhanced access rights may have stricter password requirements.

To change your Falcon Account password, you can use the UWRF Password Self-Service website.

Details

Article ID: 1133
Created
Mon 3/3/14 12:59 PM
Modified
Wed 7/30/14 10:55 AM