COM Password Standards

With the implementation of a new COM Portal in January 2016, the IT department updated its password standards. The new password complexity requirement is necessary to ensure compliance with existing laws and regulations regarding data security and protecting the privacy of personal information.

Password Must:
  1. Passwords cannot contain the user's account name or parts of the user's full name that exceed two consecutive characters.
  2. Passwords must be at least eight characters in length.
  3. Passwords must contain characters from at least three of the following four categories:
  • English uppercase alphabet characters (A–Z)
  • English lowercase alphabet characters (a–z)
  • Base 10 digits (0–9)
  • Non-alphanumeric characters (for example, !$#,%)
Password Reset:

Use the following link from the COM portal to reset your password

https://mycom.marin.edu/web/first-time-users/reset-password

Please do not attempt password reset anywhere else in the web; Only use the MyCOM portal.

 

Account Unlock:

If you attempt login too many time with a wrong password, your account will be automatically locked. This feature helps to prevent attackers from guessing users' passwords, and decrease the likelihood of successful attacks on your network.

  • Account lockout threshold: after 10 failed logon attempts, your account will be locked for 15 minutes. You may reset your password after that wait period.
  • Account lockout duration: your account will stay locked out for 15 minutes. Please wait for that duration before attempting the next login.

 

Password Best Practices

  • Always use strong passwords.
  • If passwords must be written down on a piece of paper, store the paper in a secure place and destroy it when it is no longer needed.
  • Never share passwords with anyone.
  • Use different passwords for all user accounts.
  • Change passwords immediately if they may have been compromised.
  • Be careful about where passwords are saved on computers. Some dialog boxes, such as those for remote access and other telephone connections, present an option to save or remember a password. Selecting this option poses a potential security threat.