Oregon Administrative Rules
Chapter 291 - DEPARTMENT OF CORRECTIONS
Division 5 - NETWORK INFORMATION SYSTEM ACCESS AND SECURITY
Section 291-005-0055 - User Password Management and Responsibilities
Current through Register Vol. 63, No. 3, March 1, 2024
(1) Authorized users shall comply with the following rules to create and manage their passwords:
(2) Password Duration: All user passwords shall be subject to automatic retirement at a maximum set in the standards and guidelines. Authorized users may change passwords as often as they wish during this period and are encouraged to do so.
(3) Password Violation: Violation of these rules is a disciplinary matter, up to and including dismissal as a consequence.
(4) A user account shall be automatically disabled when there have been more than three successive unsuccessful attempts at sign-on.
(5) The DOC network security officer or designee may re-enable a disabled password.
(6) Personal Computer Network Access: Personal computers (PCs) which connect to the local or wide area network for the purpose of accessing and using file, disk, application, and printer services must be treated with the same care and diligence accorded to terminals connected directly to a computer system. Such PC connections must be mediated by the user's log-on name and password.
Stat. Auth.: ORS 179.040, ORS 423.020, ORS 423.030 & ORS 423.075
Stats. Implemented: ORS 179.040, ORS 423.020, ORS 423.030 & ORS 423.075