SDCC Facility Password Policy

Changes to facility password policies and tools.

To reinforce the SDCC facility Cyber Security posture and reduce the risk of future compromises, the SDCC/RACF password policy has been designed to comply with current best practices as specified in https://pages.nist.gov/800-63-3/.

Users may employ https://web.sdcc.bnl.gov/apps/passwd/. Your current SDCC/RACF username and password are required for access.

Password changes also can be made on the ssh.sdcc.bnl.gov gateways using the passwd command. Password changes are not allowed on cssh.rhic.bnl.gov gateways. Excessive gateway login failures (e.g., multiple incorrect password entries) will result in a temporary login ban, whereupon a user may need to wait until the ban is automatically lifted before attempting another login.

Passwords must adhere to the following requirements:

1. The minimum length of all passwords is 16 characters.
2. No requirement for multiple character classes (uppercase, lowercase, numbers, and symbols) and password complexity. Multi-word passphrases are permitted and encouraged.
3. Passwords are checked against a list of https://haveibeenpwned.com/Passwords.
4. Passwords will never expire.

If you cannot recall your current password, please [REPLACELINK: /help/reporting-problems] to request an account password reset. To expedite the process, include your BNL Life or Guest number in the request.

Note : Your SDCC password is not the same as your SSH Key passphrase.