This is a policy page which contains instructions which you should follow according to common sense. The accuracy of the following information is guaranteed and this page has been locked from public editing.
Your user-name and Password grant access via remote control as well as physical terminals. Therefore, if your credential security is compromised, unauthorized access to your account, with its files and personal information, may occur. Although this is unlikely, it would be a serious security breach.
Nobody should use simple passwords, such as single dictionary words or patterns of letters or numbers. Only strong Passwords should be used. Strong passwords are necessary to protect against "brute-force" attacks which use automated techniques to randomly input words and numbers.
A Strong Password is a combination of upper and lower-case letters, numbers and/or typographical symbols; the more of each of these a Password has, the stronger it is. No Password should be a mere dictionary word in any language, including slang. No Password should be only a trivial variation on a dictionary word.
When dictionary words occur in Passwords, it is important to break them up with numbers or symbols interpolated within them. Adding numbers and symbols only to the beginning or end of a word is not effective.
The strongest Passwords are more than eight characters long, contain all three of numbers, letters and symbols, and are not based on dictionary words. You should use the strongest Password you can remember.
You should also avoid basing your Password on anything associated with you, such as your name, the names of friends, pets and relatives, bank account, phone or other readily guessed numbers, or places of work etc.
If you base your Password on language utterances, you should use more than one word and avoid words that are related.
You should never give your Password to anyone.
Do not let anyone watch you enter your Password and do not enter your Password if you are unsure of the security of the terminal.
You should use a different password for each site, account and service. Whenever you change any password you should not use a password that you have already used.
You may write passwords down, but the document must not be stored near any computer terminal. Administration has prepared a form for this, available from the Online Helpdesk. It is better to avoid writing passwords down, but not if this causes you to reuse passwords or to use weak ones.
Should your password expire or be administratively invalidated, you will be forced to reset it before you can log in. In this situation the system will automatically prompt you to enter a new password if you attempt to log in with your old one. If you try to evade the prompt, the system will conclude it is under attack and lock down your account, something requiring administrative intervention to fix.
A password expires periodically for security reasons. This is an automatic function of the system. Your password could also be administratively invalidated as part of the process of recovering from a forgotten password. Your password may also expire or be rejected by the system if it is not in compliance with this policy.
Administration has broad technical power and authority to enforce this policy. Administration may configure the UNIX system to reject weak passwords, run simulated attacks, invalidate passwords, change the expiration tenure of passwords or block features.
Administration assumes good faith on the part of its users (in this and other matters), but that does not mean that precautions are not being taken.