Security
- Home
- Technology & Communications
- Security
Security Information
Recent reports of unauthorized attempts to access systems and the data on systems have resulted in Technology & Communications performing a review of Security Logs for a variety of machines around campus. Although an in-depth audit of the logs is not feasible, in many cases there is a pattern of suspicious activity. As a result, we are stressing certain practices that have been recommended but possibly not emphasized sufficiently.
It is important to understand that your password protects more than just the data on your computer and your e-mail. It also protects against another person doing things as if they were you. According to the Computer Use Policy, you are responsible for anything done under your account.
If you leave your computer logged in, an individual can access not only your data, but any data that has been shared and you have been granted access.
More importantly, most of you who use Outlook for your e-mail have it remember your password so that you are not required to enter it every fifteen minutes or so to check for e-mail. This is an acceptable practice. But if your computer is logged it, it is possible for another person to not only get your mail, read your mail, delete your mail, but also send messages as if they were from you.
Specifically, we recommend changing your password to meet certain industry-standard criteria. These are described below. Also we recommend that you get in the habit of locking or logging off your system when you are not at it. The screensaver can also be set to require logging in when it is dismissed. While this may seem annoying at first, it will soon become quick and automatic, and provides the added benefit that you are unlikely to ever forget your password, no matter how complicated it is..
A good password:
· has at least 8, preferably 10 or more, characters or numbers.
· has a mix of letters and numbers*
· does not include a dictionary word**
· is changed at least every 5 months, but preferably more often
· is not something personally identifiable
* one way to accomplish this is to replace the letter "o" with the number zero, "I" or "L" with the number 1, etc.
** any word that can be found in a dictionary. A misspelled word, however, is very effective-such as "fyre" instead of "fire
