Staff Password Policy

To ensure the security of both your personal accounts and the district’s systems, it’s important to use a unique password for your work accounts. Never reuse your work password for personal accounts or other services.

Minimum Password Requirements:

14 characters in length.
Cannot be a previously used password.
No specific complexity requirements (e.g., symbols or numbers are optional), length is more important than character variety.
Passwords that match known compromised passwords will be rejected.
Passwords that follow easy-to-guess patterns (e.g., "Summer2024!") will be rejected.
Certain words, including district site names, street names, and mascots, are banned and cannot be used in passwords.

You can change your password at any time, but password resets will only be forced if there is a suspected compromise of your account.

Tips for Creating a Strong Password:

Use a passphrase instead of a traditional password. A passphrase is a combination of several random words, which makes it easier to remember while maintaining security. We suggest using useapassphrase.com to generate secure passphrases. 3 random words is often all you need to meet the length requirement.
Avoid using personal information such as your name, birthday, or address, as these details can be easier for attackers to guess.
Consider using a password manager like Bitwarden to securely store your passphrase and other login credentials. This allows you to create unique passwords for each website and service, ensuring that if one account is compromised, your other accounts remain secure.
Enable multi-factor authentication (MFA) wherever possible for added protection.

We will leave you with a lighthearted comic from XKCD that illustrates how using a passphrase can be both secure and easy to remember:
XKCD Correct Horse Battery Staple