During the Spring 2015 semester, Robert Morris University instituted a mandatory 60-day password change policy on all accounts to ensure a "secure online environment".

A quick search of various colleges and universities show that most institutions use a system that requires a password change ranging from every 90 to 180 days, if any system at all. 

As a student, email was the primary contact between professors and myself. I remember multiple professors saying that students need to keep up with their RMU email, or they could miss assignments and fail.

During classes, if a teacher left their cell phone in their car or office, they could not complete the Google Two Step Verification they were unable to access their accounts, setting back class time. I saw that RMU is rolling this for the entire student body. I could only imagine what headaches this might have caused me due to a dead, misplaced, or broken phone.

As an alumnus, having to keep my freedom card around so when I do forget or neglect not update my password is annoying. I have neglected to change my password information for my RMU account since graduation. I know I might receive a few important emails, too. Alumni should not be forced to constantly change their account passwords.

Last September, a friend’s RMU email account was hacked and a email was sent to all of their contacts to gain access to more accounts despite the 60 day password expiration.

I understand the importance of changing passwords and security. I hope these policies can be revisited and changed.

Thank you for your time.