Student Authentication Policy

When students are either matriculated into a program or are registered into a course as a non-degree student, they are
provisioned with a password-protected account that gives them access to the student information system, email, and
Blackboard, along with other online information and services. The password they are initially given is a temporary one;
this requires them to set up a regular password and to define identification information (e.g., mother’s maiden name) that
becomes an ongoing identifier for them. Students are required to change their passwords every 90 days and are
automatically notified to do so.

Should students forget their password at some point during the iteration of a course, they can use the automatic reset
process but need to use the identification identifier to do so. The courses in Blackboard are continuously password
protected and students may not enter them at any point without password recognition.

When students are not on one of the physical campuses and want to access Blackboard, they log in using a 2-factor
authentication factor. This combines use of the password with a follow-up phone call to a phone number provided by the
student to verify the student log-on.