TTUHSC Information Technology
HomeInformation TechnologyIT AdministrationPolicies

TTUHSC IT Policies

1.4.12   PASSWORD/AUTHENTICATION

Never share your password with anyone.

In accordance with Texas Administrative Code § 202.75, all TTUHSC computing systems shall require a login authentication process, whereby each user is identified and authenticated through their unique USER ID and/or account name.  Access to the network and to applications is based on individual roles and determination of user access levels is the responsibility of the owners of the information or applications being accessed. 

Texas Tech’s primary authentication is through an account management system known as eRaider, which allows users to access the information resources available at the Health Sciences Center.  Passwords for eRaider accounts follow industry best practices and must meet the following requirements:

  • 8 - 15 alphanumeric characters,
  • Contain upper & lower case characters,
  • Contain a number,
  • NOT contain a number as the first or last character,
  • NOT contain any word found in a dictionary, and
  • May contain punctuation marks.

Passwords must be reset every 90 days. 

System Identification/Logon Banner

Any TTUHSC computing system that prompts the user for a login should require an unauthorized access warning banner be displayed.  The unauthorized access warning banner must inform the user of the restrictions imposed on the system before access is attempted, thereby giving the user the opportunity to avoid violating any access restrictions.  The Unauthorized Access Warning Banner must be prominently displayed each time a user attempts to access a server system, network terminal, and/or a restricted/secured web site and/or web page, specifically before the user can begin the login authentication process.

The Unauthorized Access Warning Banner will be made part of the web site and/or web page preceding a restricted/secured web site and/or web page and must be displayed before a user enters the secured web site and/or web page.  The user must also be made to acknowledge the warning either in the form of an icon or button stating “OK” or “I Accept” before they can proceed.

Unauthorized Access Warning Banner Text

The following is the text for the Unauthorized Access Warning Banner:

WARNING!

USE OF THIS SYSTEM IS RESTRICTED TO AUTHORIZED USERS ONLY AND SHALL BE USED IN ACCORDANCE WITH THE ACCEPTABLE USE POLICY. USERS HAVE NO EXPECTATION OF PRIVACY EXCEPT AS OTHERWISE PROVIDED BY APPLICABLE PRIVACY LAWS. THIS SYSTEM MAY BE SUBJECT TO MONITORING BY THE INFORMATION TECHNOLOGY DIVISION. UNAUTHORIZED ACCESS IS A VIOLATION OF APPLICABLE TTUHSC, STATE, AND FEDERAL LAWS AND REGULATIONS AND WILL BE SUBJECT TO CRIMINAL PROSECUTION.

©