Governor Ned Lamont


Get Adobe Reader

Core-CT Password Policy

Core-CT Password Criteria, Effective December 16, 2010

The purpose of Statewide Memorandum 2014-19 is to advise all state agencies of the importance of having appropriate internal controls over and within the Core-CT Financial and Human Resource Management System (HRMS) to ensure that all transactions are properly authenticated and authorized. Guarding against unauthorized and inappropriate access to the Core-CT system is critical because of the integration of the Financial and HRMS Systems. Unrestricted access to the Core-CT system compromises the controls provided by segregation of duties and other safeguards that are part of manually operated systems.

Section IV. Password Security Policy

The following password security policies are in effect:

  • All passwords expire in ninety (90) days.
  • Users will be warned for fifteen (15) days prior to the password expiration.
  • Five (5) logon attempts are allowed before the account is locked out.
  • The password can not match the User ID.
  • The password must be at least eight (8) characters in length, three (3) of which must be digits.
  • Six (6) passwords are retained in the system.
  • Both alphabetic and numerical characters are allowed.
  • Passwords should be obscure rather than obvious.
  • All users with valid email addresses must set up their User Profile in Core-CT to be able to use the password reset feature in Core-CT.
  • Only authorized agency security liaisons can request password resets.

Distribution - User-IDs and passwords should be hand delivered or emailed by the agency security liaison. Agency personnel should be informed of the password guidelines and policies, procedures for password and access problems, and who to contact. Any problems associated with User IDís or passwords must be communicated through the Agency Security Liaison. Agency personnel are not to contact the Core-CT Security Administration directly.

If you should encounter any problems, please contact your agency security liaison.

Thank you in advance for your cooperation.