Intercom

intercom home  |  advanced search  |  about intercom  |  alerts  |  faq  |  help     Search Intercom

sections

News and Notices
Lectures and Presentations
Arts and Performances
Learning Opportunities
Kudos
News for Faculty
News for Staff
News for Students
Student Organizations
HR News
Comings and Goings
Technology
Archive

Stronger Passwords Required for Parnassus and HomerAdmin

Contributed by Karen Compton on 10/25/06 

Print

In a continuing effort to increase the security of Ithaca College systems, ITS, in partnership with various campus offices, has developed new criteria for using more secure account passwords for Parnassus and HomerAdmin (but NOT HomerConnect).

The new password rules are as follows:

  • Must be at least 8 characters
  • Must consist of a combination of letters, numbers and one or more of the following special characters (Note: These are the ONLY special characters allowed):
    • ! (exclamation point)
    • % (percent sign)
    • * (asterisk)
    • + (plus sign)
    • - (dash or minus sign)
    • ? (question mark)
    • _ (underscore)
  • Cannot contain the username for that system
  • Will expire every 120 days
  • Cannot be a password that has been used within the last 18 months

These new password rules for Parnassus and HomerAdmin will go into effect on November 20th. Users may be prompted to change their password for these systems on that day, or at any point over the following 120 days, depending on when the password was last changed. Stronger passwords for other systems (Novell, email, Web, etc.) will also go into effect in the coming months.

Additional guidelines for safeguarding your passwords as well as tips for how to create a secure password that is easy to remember can be found in this guide.

These new password rules are a necessary change toward better security for our most sensitive information systems and data. In an era when college and university computers and networks are under frequent attack by those seeking unauthorized access to confidential information, we must take prudent steps to protect our systems.

Please contact the ITS Helpdesk (helpdesk@ithaca.edu or 4-3282) if you have questions or experience problems creating a new password for Parnassus or HomerAdmin.

Topic: Archive
Stronger Passwords Required for Parnassus and HomerAdmin | 4 Comments |
The following comments are the opinions of the individuals who posted them. They do not necessarily represent the position of Intercom or Ithaca College, and the editors reserve the right to monitor and delete comments that violate College policies.
Stronger Passwords Required for Parnassus and HomerAdmin Comment from jmehne on 10/26/06
Gee, with all the passwords that we're going to have to remember, and with
them CHANGING ALL THE TIME, I guess I'll have to write them down on a post-it
note and put it on my monitor, instead of the passwords I've always used that
already have a non letter/number character in them.
Stronger Passwords Required for Parnassus and HomerAdmin Comment from lahr on 11/01/06
While I recognize the need for increased computer and network security, when considering the “human aspect” of what is going to be required, I find the new criteria to be overly stringent. During an 18 month period we are going to need to make up and use six completely different passwords. I do not have problem with a “stronger password”, but having to make up, remember, and keep straight, a new strong password every three months is going to be a big challenge. I might be more resigned to accept the new policy, if this protocol was in widespread use, but none of the financial accounts that I use with numerous other organizations (e.g. bank, credit card, mutual fund) have any requirements nearly this stringent in terms of frequency of password changes.

I would hope that our systems are not so vulnerable such that this amount of changing is what is required for necessary protection. My suggestion would be to require a “strong” password, but make it good for one year (or at least six months) and make it so that only the most recent password cannot be used.
Stronger Passwords Required for Parnassus and HomerAdmin Comment from mcorsaro on 11/16/06
I agree with lahr who maintains that our policy of changing passwords so frequently is more stringent than on line banking or TIAA CREF. Most people are not going to be able to remember a new password that has to be recreated with such frequency and without an option to repeat one from the past 120 days. This will result in people writing down their passwords to remember them and RAISING the possibility of access to their private information. I think this needs to be rethought. Please consider rethinking the stringency of this plan.
Stronger Passwords Required for Parnassus and HomerAdmin Comment from rschassburger on 11/17/06
I too agree with the above comments (all of them!), and find this obsession
with security downright ridiculous on a college campus. I can certainly
understand the necessity when it comes to personal information that can be
used to steal our identities (which should perhaps have its own secure
password, and changed only as often as necessary), but we are talking about
communications between fauculty, administration and students. It is already
annoying to have different usernames and passwords for different accounts at
the College. No doubt I will need to carry a long list of these on my person
(and leave multiple copies where I might have computer access, just in case I
forget my list or it winds up in the laundry) for all my accounts at the College!
Along with this annoyance and the continual learning of new systems and
software, it certainly seems I have less and less time to engage in reading and
working at improvement of my teaching outside the classroom since the
invention of these "time-saving" computers.