Changes that impact users are the movement from eight (8) character passwords to twelve (12). In addition, the complexity requirement of using special characters, numbers, upper or lower-case characters has been removed. The idea here is that it is easier for a user to remember a phrase versus a complex password.
Since longer passwords are more difficult to be broken by a cyber attacker; we are also extending password duration from six (6) months to twelve (12) months.
Once testing has been completed and our systems are prepared for the change; we will announce a grace period for all users to change and update their passwords to match the new requirements.
Thank you,
KAUST Information Security Department