RMU Alum starts petition for no mandatory password change

Photo credit: Paul Wintruba

Samantha Sektnan

Students, administrators, faculty and alumni at Robert Morris University are familiar with the mandatory 60-day password change policy that was instituted during the Spring 2015 semester.

The policy was instituted as a way to ensure security of all RMU accounts. This mandatory policy has received various degrees of reactions from the RMU community.

ResTech Senior Technician Alex Chismar expressed his perspective in support of the 60-day password change.

“The 60-day password change was implemented in response to the increased threat of cyber misconduct. In fact, in February of this year the University of Central Florida reported that over 63,000 student and staff accounts were hacked with the same number of social security numbers being stolen,” said Chismar. “An x amount of days password change is a norm in IT security.”

Undergraduate student at RMU, Mike Sieber, expressed his opinion of the mandatory 60-day password change policy.

“The password policy serves its purpose and beyond, to some extent,” said Sieber. “I feel that we should establish one password and keep it throughout the year. It is very inconvenient when you are in the middle of midterms and have to come up with a new complex password.”

RMU alumnus Kyle Gorcey, class of 2015, began a petition on March 1 with an intent to have this policy revisited and changed.

“The whole petition started as a conversation between myself and some fellow alumni. As a student, it was just something I accepted, though in the back of my mind I always thought the policy was a bit too much,” said Gorcey. “I see the need for updating passwords, but updating it every 60 days is a bit much as compared to other local universities.”

The petition names RMU President, Christopher Howard, Ph.D. and Chair of the Board of Trustees, Richard J. Harshman. Gorcey aims to have these individuals push for the adoption of a more reasonable password and login policy for faculty, staff, and students and make alumni exempt from the policy.

RMU alumnus Giancarlo Incorvaia, class of 2015, explained his insight concerning the downside of password changes.

“Once a hacker breaks into a system, it doesn’t matter if you change the password after the fact. But having to change passwords too often encourages people to write down passwords on sticky notes that aren’t secure at all,” said Incorvaia. “At some point, it really just becomes a pointless hassle.”

The petition has already received over 170 supporters.

As a student at RMU, Chismar also expressed his surprise that with all the issues on campus, the only one to warrant a petition is about password changes.

“There are much more pressing issues the student body should engage in that takes priority over being inconvenienced by changing a password,” says Chismar. “The IT Department takes all suggestions seriously and will do what is necessary to accommodate students without decreasing security protocol.”

If you would like more information or are interested in signing the petition, click here.