Passwords best practice


Section 11.1.c of the Department's ICT Security Policy states that "The allocation of passwords must be controlled through a formal management process.".

Additionally, the Department's Password Policy state:
  • Passwords must be changed every 126 days
  • Your password must be a minimum of 7 characters and a maximum of 32 characters
  • Your password must contain at least 3 of the following:
    • uppercase letter (A-Z)
    • lowercase letter (a-z)
    • numeral (0-9)
    • special character such as ()~`#$*&@^
  • Your password must be different from your last 8 passwords
  • Your password must not contain your UserID, first name or last name
  • Passwords have a minimum age of 24 hours
  • Passwords must be kept secure and confidential
  • You are accountable for any use or access to Departmental systems with your UserID
  • You must not share your UserID and password with a third party
  • You must not write down your password and leave in a place where it could be easily found
  • You must take care when typing your passwords if they are being observed
  • You must change your password if they suspect that someone else knows it
  • You must not use your DET password as the password for any non-DET system
  • If passwords need to be stored for system administration purposes they must be stored separately from the systems to which they grant access (e.g. electronic password vault, secured safe)
Warning - This portal is provided for DET personnel only.
Any attempted misuse of this portal will be severely dealt with under the full extent of the law.