Identity management is a critical element for information security. It involves granting unique ids to all users of a information system and the appropriate access in accordance with their job roles and responsibilities. In addition, it requires that access is removed when access is no longer required in a timely manner.

Authentication methods chosen should prevent unauthorized access to an account. Adhering to secure password procedures will help reduce the compromise of user accounts on the University’s systems.

Since today's computing technology environments are increasingly interconnected (networked), and sophisticated password cracking programs are freely available to anyone, the compromise of any single computer system or account through the revelation or theft of a single password can place whole communities of data in jeopardy. Adopting and abiding by secure password procedures have become a vital and shared computer responsibility.

For additional information regarding identity management, visit the Harvard University Information Security and Privacy section on Passwords and the Enterprise Security Policy.