The Importance of Password Security06/10/04 AMW
Network and data security at Juniata College is highly dependent on the security of users’ passwords. At the user level, passwords protect computers, files, and email accounts. At the organizational level, passwords protect the integrity of important systems and services, such as Datatel, Email, File Sharing, Web, Online Library Access, and Printing. Any time a password is compromised, an opportunity for an unauthorized user to invade these resources presents itself.
Unauthorized users can obtain passwords in numerous ways. Passwords that are shared or written down serve as an open invitation. They can also be obtained electronically by hackers who capture traffic traveling across the network and the Internet. Therefore, the simpler the password is, the easier it is for a hacker to decrypt it. Either of these methods would provide unauthorized access to our network. The results of this could range anywhere from unauthorized access to confidential student or employee data to deleting files and crashing mission critical servers.
In an ideal world, all network users would be required to change their passwords at least once every six weeks. However, in the academic world, password policies as strict as this would be an inconvenience to users who don’t access their accounts for months at a time. Even still, there is an obvious need to find a balance between network security and convenience to users.
Even though we are enforcing an annual password changing policy on October 1, 2003, all users should consider changing their passwords on a more frequent basis. Use the following guidelines to help ensure network and data security.
1. Change your password as frequently as possible. Once every two months is recommended.
2. Do not write your password down or share it with anyone.
3. Use difficult non-dictionary passwords with at least 8 characters and include numbers and special characters.
For instructions on how to change your password, please go to http://services.juniata.edu/cts/helpdesk.html?faq-content.html and choose the Help Desk FAQ: “How do I change my password?”.
Click here to login as either a Faculty Member or Trustee in order to view additional policies.