Update to TLTR on University Password Strategy

Angela Svoboda, AVP for Digital Effectiveness has submitted the following update to the TLTR about the university’s password strategy which is currently under consideration:

  1. We contracted with Secure Works to assess multiple aspects of technical security, including password management.  We have not received their final report yet but should receive it by the end of May.
  2. We have reviewed best practices in the password arena and await the results of the above assessment.
  3. When users switch to Gmail, they will need to change their passwords *if* they use a mail client but not if they use the web interface.  The email/calendaring project has much more detail about the implementation.
  4. For now, we have no further changes in password practice(s).