The Daily Tar Heel
Printing news. Raising hell. Since 1893.
Tuesday, March 19, 2024 Newsletters Latest print issue

We keep you informed.

Help us keep going. Donate Today.
The Daily Tar Heel

Onyen password changes to be less frequent

Students might soon have to create more complicated Onyen passwords — but the reward would be changing them less often.

If a recently proposed change is implemented, students will be able to keep their passwords for an entire year, rather than 90 days.

The faculty information technology advisory committee met Monday, with the password expiration period as the sole agenda item.

The change, which is still being discussed, would not be implemented soon as it is in the preliminary stages, committee members said.

To complete this change, the committee needs to consult with the identity management group within Information Technology Services, which could take six to 10 months.

But the goal would be to increase security, said Stan Waddell, executive director for information security, who is working with the committee to implement this change.

“We’ve done a lot as a campus to improve our information security,” said Larry Conrad, vice chancellor for information technology and chief information officer, at the meeting.

Waddell said the change would require passwords to be more complex, with more characters and special characters. Common words, such as “Tar Heel,” would also be off-limits.

The new passwords and expiration length would encourage students to create more complex, long-term passwords, Waddell said.

With short-term passwords, some committee members said they fear students are only making small changes in their passwords every 90 days, which puts them at risk.

Committee members said new password guidelines would help limit the accessibility of UNC’s data.

“We have 30 (million) to 50 million unwanted attacks a week, and that’s just what we can see,” he said.

Sophomore Morgan Welch said she agrees that the change could improve security.

“I think maybe it would be a good idea because if I had a whole year to remember it, I would come up with a more complex password.”

After it goes through identity management, the change still has to be approved by the University’s internal audit department.

Committee members also said they hope the change would lower the burden of support related to passwords, and that fewer people would be coming to ITS for password support and resets.

Contact the desk editor at university@dailytarheel.com.

To get the day's news and headlines in your inbox each morning, sign up for our email newsletters.

Special Print Edition
The Daily Tar Heel's 2024 Music Edition