Password Changes

Hello,

 

I just wanted to inform you that on Wednesday, March 30th the IT department will be changing passwords for everyone throughout the district.  In the past there was no expiration for passwords and no complexity requirements so I understand how changing a password you’ve used for years that was, short and easy to remember to a longer, complex password can be difficult.  I ask for your patience and understanding though, as we are doing this for the benefit of you, our fellow staff, and our students.

 

Very briefly, I will explain why the password change is so important.  We all have access to personal data that could be misused by many people, acting maliciously or not.  Everything from a person gaining unauthorized access and changing grades or records, to downloading malicious software that distributes itself over our network, to a person logging in as someone else and not having the proper access to network resources.  All of those problems can be mitigated by a change of password.

 

I wanted to inform everyone ahead of time, so each of you can start thinking about a new password.  I also wanted to provide you with some information about passwords to help you as well.  When choosing a password try to think of something that someone else doesn’t know or easily guess about yourself.  For example, try to avoid children or pet’s names, as they are often the first things that a person will try when attempting to guess a password.  It is also dangerous to write down your password.  For example, I’ve seen passwords written down and taped to monitors which undermines the district’s security efforts as anyone who can use the computer can now log in as you.  Think of it this way, whatever happens on a computer that is logged in as you, is your responsibility.  So if you have student or personal data on your computer and someone else knows your password, they can login and get that data as well.

 

When trying to create a new password, try thinking of something memorable that will come to your mind easily, but is not something anyone is likely to guess.  Also, please don’t share your password.  No one else should need to know it.  Subs have logins for every school, and school lessons can easily be put onto a flash drive for them which we can provide.  IT doesn’t need to know your password and we won’t ask for it, you should be the only person who knows your password.

 

When you log into your computer for the first time on March 30th you will see a message that your password has expired and must be changed that will look like one of the images below.

log in not

It will ask you for your current password and then your new password two times (to make sure you entered it correctly).

 

I encourage you to think of what you want your password to be beforehand which will certainly help you remember it.  The password must meet certain requirements to ensure that it is not easily guessed.  The requirements are that it is

 

  • at least 8 characters (each letter or number is a character)

 

and uses at least three of the following:

 

  • Uppercase Letters
  • Lowercase Letters
  • Numbers
  • Special Characters (!,$,#,%, etc…)

 

So, “username” would not work.  Although it meets the length requirements, it is all lowercase and requires two of either uppercase letters, numbers, or special characters.  So “USERNAME” would not work for almost the same reason.  “Username” meets the length requirements and has two of the complexity requirements but needs a third.  “Usern@me” would work, as would “Us3rname”.  I also encourage not using words that can be found in the dictionary as they are the first passwords attempted by nefarious parties.  Some people use a short word string that combines two or three words together to create your password.  For example “Cat$AreFun” “Enj@yTheSun$hine99”.

 

After you’ve thought of your password and entered it in twice, you will use that new Windows password to login to your computer instead of your old one.  Note that changing this password only affects your Windows logon and the items tied to it, which is the VPN connection, and email on non-Windows devices.  This means that if you use the Global Protect VPN client to remote in from another location, you will have to update the password in it, and if you receive district emails on your phones, you will have to go into the settings and change its password to your new password as well.  For instructions on how to change the Global Protect VPN client password, see the bottom of this email or ask your local IT tech and they will help you.  All other logons will remain whatever password you are currently using.

 

As usual myself and the rest of the technology staff are here to answer any questions, or assist in any way possible to ensure that the transition to your new password is as seamless as possible.

 

Ian Walker,

System Administrator
Crook County School District

 

Flickr Photos