University of Wisconsin–Madison
Computer Password

Cybersecurity Share and Listen April 4: New password guidelines

Please join the UW–Madison Office of Cybersecurity on April 4 for an open campus listening session on new password guidelines.

UW-Madison is in the process of adopting a new password standard for NetID and other login accounts. The Office of Cybersecurity will describe new guidelines from the National Institute for Standards and Technology (NIST), and gather your input on the best ways to implement them.

Date:     Wednesday, April 4, 2018

Time:     1 – 2 p.m.

Place:    1360 Genetics-Biotechnology Center Building

Full agenda

Topic: New password standard adoption from NIST

  1.   Welcome – Bob Turner (5 min)
  2.   Panel Discussion (20 min)

Moderator: Stefan Wahe


  •         Susan Dyke – Cybersecurity
  •         Bob Turner – Cybersecurity
  •         Tom Jordan – DoIT Middleware
  •         Chris Spencer – Cybersecurity
  1.   Q&A (25 min)
  2.   IAM Steering Group – Tom Jordan (10 min)
  3.   Closing and Evaluations

Considerations for discussion

For Authenticating / Signing-In:
(1) How many systems do you sign into each day?
(2) How do you manage passwords for your university accounts and personal accounts?
(3) What are the problem with passwords?
(4) Do you use an account that is shared by others?

For Implementing Authentication / Password Controls:
(1) How are password controls implemented (for technical audience members)?
(2) How are accounts created and removed when there is a change in user status?
(3) What controls can you implement to address Man-In-The-Middle attacks?


NIST SP 800 63-3 Digital Identity Guidelines

UW-Madison Data Classification:

Current UW-Madison Password Policy:

Current UW-Madison Password Standard:

The Rules Have Changes:

Your feedback and questions are welcome at this event. For more information on the listening session or the new password guidelines, please contact