Password Criteria

Below are the password requirements for some of the State systems. Most employees will have at least two passwords to remember.

  • Network Logon / Active Directory
  • Mainframe / RACF / IS&C

AD Passwords

Used for: Network Log-on, PC sign-ons, Outlook/Exchange

The executive domain policies on passwords will:

  • Require you to change your password every 35 days.
  • Will lock out your account after 4 unsuccessful password attempts.

Passwords must meet the following minimum requirements when they are created or changed:

  • Must not contain significant portions of the user's account name or full name.
  • Must be at least eight (8) characters in length.
  • Must be memorized. (Note: do not write down your password).
  • Must contain at least one character from three of the following four categories:
    • Uppercase letters (A-Z).
    • Lowercase letters (a-z).
    • Numbers (base 10 digits 0 – 9).
    • Non-alphabetic characters (` ~ ! @ # $ % ^ & * - + = | \ { } [ ] : ; " ' < > , . ? /).

It is important to note that passwords chosen cannot contain:

  • Your login ID.
  • E-mail address.
  • Initials.
  • First, middle or last name.
  • One of the last ten passwords you have used on the Domain.

Other Systems

Used for: Mainframe, Bluezone, Attachmate, WS3270

Password must be exactly eight characters long AND it must contain BOTH of the following criteria:

    1. Alpha characters or one of these three characters (#, $, and @).
    2. Numeric characters zero “0” through nine “9”.

If an invalid password is entered, the following error messages may be displayed:

  • "NEW PASSWORD VERIFICATION ERROR"
  • "THE NEW PASSWORD YOU ENTERED WAS NOT VALID"

Other requirements for mainframe passwords:

  • After two consecutive unsuccessful password attempts, the account will be revoked.
  • You may not reuse a password until you have used ten different passwords.
  • Users will be warned three days before their password is to expire letting them know they need to change it.
  • Passwords must be changed every 35 days.
  • Inactive user ID’s are revoked after 35 days if they have not logged on to change their password.  They must call the WVOT Service Desk to request a temporary password.
  • Inactive users are removed from the system after 180 days.

Privacy, Security and Accessibility | WV.gov | USA.gov | © 2013 State of West Virginia

Last Updated: 05/20/2013