Staff - Password Change
Staff - Password Change
What is a 'Strong Password'?
You could come up with a completely random combination of numbers and symbols, but that's not very practical. How would you remember it? Chances are you'd write it down and keep it in the top drawer of your desk and then it's no longer such a great password after all.
A strong password is one that is at least eight characters, includes a combination of letters, numbers, and symbols and is easy for you to remember, but difficult for others to guess.
Why should I change my password every Ninety days?
We have an obligation to protect information stored on our computer systems from unauthorised access. We require all Faculty and Staff members to change their password every 90 days. All passwords must be at least five characters in length. Currently we do not enforce strong password complexity, but using a 'Strong Password' is considered 'best practise'.
- The main reason for regular password changes is to limit an account's exposure to misuse. Every time you type in your password it is at risk of being compromised - by someone looking over your shoulder, through interception as it travels across the network, etc. The more you use your password the more opportunities there are for it to be disclosed inadvertently.
- Changing your password regularly reduces the risk of your password being compromised by a 'brute force' attack.
- Resetting regularly also limits the damage that can be done without your knowledge, and helps to prevent continuing unauthorised use.
- To enable meeting future requirements regarding enforcing compliance with password complexity within a given timeframe.
- To help identify overactive accounts! (Resetting a password may uncover misuse; it may also identify legitimate but undocumented situations where an account is simultaneously being used by more than one person.)
There are also administrative reasons for enforcing password expiration.
With the above considerations in mind, forced expiration of passwords is considered good practice, and policies supporting such action are widely recommended.
What if I forget my password?
The Service Desk Staff will not be able to reset your password until
- The requester presents themselves in person to the ISS Service Desk, and provide your Staff Card as proof of identity.
- The requesters line manager emails the Service Desk requesting the password to be reset
The Service Desk staff will assign a new temporary password to you, and after a successful login you must change this temporary password or you will lock your account again, you can do this by either method given above.
How long will it take for my new password to become valid?
When you change your DCU Network password this takes effect immediately. If you change your password via the Portal you will be logged out and will have to re-authenticate using your new password to gain access back into your Portal page.
Can I tell others my password?
No, if you tell others your password you have given them your Identity, which leaves your account open to ‘misuse’ and if your account is used in an inappropriate manner you may be held accountable for their actions.
What is affected when I change my DCU Network Access password?
When you change your DCU Network Access password, access to the following will be affected as we use LDAP authentication to gain access to them. The other applications listed use application level authentication.
Users who synchronise their DCU Calendar with a SmartPhone.
Users who synchronise their DCU Calendar agenda with their SmartPhone will need to change the password which is cached in an encrypted form within the phones account settings.