Cybersecurity Awareness: Passwords
Editor's note: This the second in a series of articles in observance of National Cybersecurity Awareness Month.
1:22 p.m., Oct. 9, 2006--During National Cybersecurity Awareness Month, the University's Office of Information Technologies (IT) asks members of the University community to examine their computing practices and to take steps to protect their computers and their information.
The educational consortium EDUCAUSE, a co-sponsor of this campaign, “encourages all universities to promote safe computing practices to their students, faculty and staff,” Susan Foster, vice-president for Information Technologies, said.
“This week's point of emphasis is password management,” Ron Nichols, manager in IT-User Services, said. “This week, we are releasing a video reminder about good passwords that urges people to make strong passwords; contains a suggestion for making a strong password; and reminds people not to write down, post, or share their passwords.
“When we make office calls to help faculty and staff, we really do find peoples' passwords on sticky notes where they are easily visible or stolen,” he added.
“Several years ago, we had an incident in which it appeared a senior University official was sending abusive e-mail to a graduate student,” Richard Gordon, an information resource consultant in IT-User Services, said. “It turned out to be a prank that we traced back to that administrator's e-mail password being posted on a bulletin board behind his secretary's desk-in plain view for anyone to see. A student saw the password and used the administrator's account to abuse a friend.”
The IT-Help Center offers advice about passwords at its security web site. “This week, our Cybersecurity Awareness calendar [www.udel.edu/security/october.html] features password management,” Kathy Beardsley, manager of the IT-Help Center, said. “We tell our users that passwords are like toothbrushes--things you don't share with others. We also urge people not to re-use their UDelNet passwords on other accounts and to memorize their passwords whenever possible,” she added.
In cases in which a password may be needed in an emergency, she suggests that the password be written down, placed in a sealed envelope, given to a departmental administrator, and locked up--to be retrieved only in the case of an emergency.
“It's important that people remember that every account on individual desktop or laptop computers needs to have a strong password,” Nichols said. “Many hackers gain access to a network as a result of guessing a password on an individual computer.”
“Good password management requires common sense,” Foster said. “During October, we urge everyone at the University of Delaware to double-check their passwords, making sure that they are using strong passwords, and that they are practicing good security measures with those passwords.”
Click here to see what makes a good password.
For more information, visit:
IT-Help Center's Cybersecurity Awareness Calendar [www.udel.edu/security/october.html]
UD's Cybersecurity Awareness Videos
UD's Computer Security News and Alerts: [www.udel.edu/security/secnews.html]
October is National Cybersecurity Awareness Month
Computer Security at UD
UD's IT-Help Center
National Cyber Security Alliance