OAR 291-005-0055
User Password Management and Responsibilities

(1)

Authorized users shall comply with the following rules to create and manage their passwords:

(a)

All user accounts shall be protected by use of a password. This password shall be generated by and known only to the individual user.

(b)

The DOC network security officer shall determine password characteristics.

(2)

Password Duration: All user passwords shall be subject to automatic retirement at a maximum set in the standards and guidelines. Authorized users may change passwords as often as they wish during this period and are encouraged to do so.

(3)

Password Violation: Violation of these rules is a disciplinary matter, up to and including dismissal as a consequence.

(4)

A user account shall be automatically disabled when there have been more than three successive unsuccessful attempts at sign-on.

(5)

The DOC network security officer or designee may re-enable a disabled password.

(6)

Personal Computer Network Access: Personal computers (PCs) which connect to the local or wide area network for the purpose of accessing and using file, disk, application, and printer services must be treated with the same care and diligence accorded to terminals connected directly to a computer system. Such PC connections must be mediated by the user’s log-on name and password.

Source: Rule 291-005-0055 — User Password Management and Responsibilities, https://secure.­sos.­state.­or.­us/oard/view.­action?ruleNumber=291-005-0055.

Last Updated

Jun. 8, 2021

Rule 291-005-0055’s source at or​.us