YALE-MSS-9.2: Do not share account credentials (username/password)

Standards Group:
YALE-MSS-9: Authentication and Authorization

YALE-MSS-9.2: Do not share account credentials (username/password)

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

User accounts are defined as a username and password that grants an individual end-user access to the IT System. For example, your Yale Net ID is your user account to access Yale IT Systems that use CAS for authentication.

Users are responsible for maintaining the security of their own accounts and passwords to IT Systems.

Keep your passwords private. Do not share them with anyone including your supervisor, family, co-workers, or IT support provider.

If your password is discovered or you determine that someone is using it to access your account, contact the Information Security Office (ISO) at information.security@yale.edu.

This is required for all account types (user, administrative, and service).