(1) Authorized users shall comply with the following rules to create and manage their passwords:
- (a) All user accounts shall be protected by use of a password. This password shall be generated by and known only to the individual user.
- (b) The Department of Corrections ISO shall determine password characteristics.
- (2) Password Duration: All user passwords shall be subject to automatic retirement at a maximum set time period in the standards and guidelines. Authorized users may change passwords as often as they wish during this period and are encouraged to do so.
- (3) Password Violation: Violation of these rules is a disciplinary matter with consequences up to and including dismissal.
- (4) A user account shall be automatically disabled when there have been more than five consecutive invalid logon attempts by a user during a 120-minute time period.
- (5) The Department of Corrections ISO or designee may re-enable a disabled password.
Statutory/Other Authority
ORS 179.040, 423.020, 423.030 & 423.075
Statutes/Other Implemented
ORS 179.040, 423.020, 423.030 & 423.075
History
DOC 5-2024, amend filed 04/29/2024, effective 04/29/2024
DOC 16-1999, f. 9-24-99, cert. ef. 10-1-99
CD 10-1997, f. & cert. ef. 6-20-97
CD-24-1992, f. 11-24-92, cert. ef. 12-1-92