Search Options
ETSU Faculty/Staff
ETSU Students
ETSU People Search

Strong Password Requirement pdf version of this page

an Information Technology Services Policy

The Tennessee Board of Regents mandates the use of a secure password policy. Beginning Wednesday, February 27, 2008, the following policy for ETSU Domain Account passwords became effective:

Rules for Creating a Password

  • The password must be at least 8 characters.

  • The password must use characters from three of the following four categories:

      • English UPPER CASE characters
        (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z)

      • English lower case characters 
        (a b c d e f g h i j k l m n o p q r s t u v w x y z)

      • Numerals 
        (0 1 2 3 4 5 6 7 8 9)

      • Non-alphanumeric characters 
        (! @ # $ % ^ & * ( ) - _ = + { [ } ] \ | ; : , < . > / ?)

  • The password must not contain any portion of your full name that is three or more characters long. For example, if your full name is “John L. Smith”, your password cannot contain “john” or “smith”. If your full name is “John Lawrence Smith”, your password cannot contain “john”, “smith”, or “lawrence”.

Rules for Updating a Password

  • Your domain password will expire every 90 days.

  • You can change your password more frequently than 90 days, but no more than once per day.

  • Your new password cannot be a password that you have used in the past 10 password changes.

  •  If you fail five times to login within a 30-minute period, your account will be locked for five minutes.

This affects all passwords for logging into campus Windows workstations, Desire2Learn, ETSU email, Sherrod Library Services, and any other services that authenticate against the ETSU domain account.  Requests for assistance can be directed to the Information Technology Services Help at  or 423-439-4648. If your request is urgent please call instead of sending an email.

Approved: Information Technology Governance Council
Reviewed: July 2016
direct edit