The HIPAA Privacy Regulations require that appropriate administrative, technical,
and physical safeguards are in place to protect the privacy of protected health
information. To meet this requirement, New Jersey Substance Abuse Monitoring System(NJSAMS)
has implemented a change to the password policy for all accounts used for accessing
the NJSAMS web site.
The following represents the minimum requirements for your NJSAMS password.
Password complexity: Must not contain significant portions (three
or more contiguous characters) of your User Id, must be at least eight (8) characters
in length, must not use control characters and other non-printing characters, and
must contain characters from at least three of the following four categories arranged
in any order.
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters: ~!@#$%^*&;?.+_
Maximum age: All passwords must be changed at least every sixty
History: Set at six (6), meaning the password needs to be set six
times before it can be reused.
Account Lockout Threshold: After five (5) unsuccessful attempts
to enter a password, the involved user-ID will be temporarily disabled for five
(5) minutes after which the account will be automatically unlocked.
Guide to Creating A Secure Password
Passwords must be a minimum of eight (8) characters long and alphanumeric. Passwords
should not be based on one's user name, actual name or any dictionary name; i.e.,
a good password should not contain standard words. The longer your password is the
more secure it will be.