Staff Editorial: It's Time for University's Password System to Expire
Every 90 days, students who try to sign in to their University of Mary Washington accounts face a moment of panic, followed by frustration, when confronted with a password expiration notice.
Two years ago, UMW drastically changed the manner in which it handles the Net ID password for its students. In theory, requiring passwords that incorporate capital letters, numbers and a minimum character length should improve security. However, these qualities become a problem when students must re-set their password every 90 days. While that doesn’t seem like a short period of time, it can fly by faster than you think.
If a student does not change their password before the deadline, they cannot enter Canvas or Banner. This makes sense for security purposes, but, with the general shift in many classes toward turning in papers and taking quizzes online, being locked out of university websites can have an impact on one’s grade.
Usually, the remedy for this is simple, call or visit the help desk in the bottom of George Washington Hall, or use the online tool. However, these added security measures are starting to become more of an annoyance than a welcome protection. In an age in which almost every website requires a username and password, it becomes a burden to memorize another intricate combination of letters and numbers for 90 days, and recycling passwords is not allowed since repeats are forbidden.
From the University’s standpoint, these requirements make sense. Online security is no joke, and, as we all know, a specialized password makes it harder for hackers to gain access to your personal information. Still, students are not just students, but young adults with lives outside of constructing multiple passwords and committing them to memory. If the choice came down to sacrificing the security of a class schedule or being temporarily blocked from turning in an assignment, most students would go with the former.
Just like two years ago, when the University re-evaluated and updated their online security measures, perhaps it has come time again for an update. Preferably a compromise that can merge adequate online protection with practical, real-world usage.