Password Management
BAS has two password protection practices: (1) BAS’ internal network access and (2) MyEnroll.com access.
BAS’ internal network access password
Every user of the BAS internal network must establish a password conforming to the following requirements:
- 8 or more characters required in the password
- Must contain at least 1 upper case letter, 1 lower case letter, 1 symbol and 1 number
- Users are locked out after a predetermined number of failed logon attempts
- Passwords are forced to be changed every 30-days
MyEnroll.com Passwords
MyEnroll.com users must also maintain strong passwords, according to the following requirements:
- 8 or more characters required in the password
- Must contain at least 1 upper case letter, 1 lower case letter, 1 symbol, and 1 number
- Users are locked out after a predetermined number of failed logon attempts
- Employee users who are locked out can wait 10 minutes and then try again
Administrators who are locked out must contact BAS’ call center to have their accounts unlocked because administrators have access to all their organization’s employees’ data, which requires a greater level of security than the requirements applied to employee users that have limited access to their own accounts.