No Password Expiration and Two Factor Authentication

One of the better security videos we have released is on two factor authentication. Pithy, short, and in language a normal human being can understand are characteristics of this video.

While I have always railed against silly security rules that waste everyone’s time, password expiration has particularly irked me. It is mathematically indefensible and just complicates everyone’s life if you have a long password. As we roll out ¬†two-factor authentication, we will make user passwords never expire.

To highlight the emotional impact this has, two things happened when I announced this at executive cabinet:

  1. The President immediately blurted out “…and this is why you invest in information security!” and,
  2. Several of my colleagues teared up as changing passwords is one of the things they most dreaded about work.

Combining the two initiatives will accelerate adoption of 2-factor authentication.

IT Support for Athletics and Honorary Coach

I lead an organization that has a somewhat unique role in higher education – we provide IT support to an athletic department that competes at the highest level of NCAA competition. Here is a short video we released today highlighting our support for the football team.

One of the surprising, at least to me, results is the Athletics department selected me to be one of three honorary coaches for the season opener on 2 September. This doesn’t normally happen to IT leaders and perhaps indicates the amazing employees we have on our IT team.