☰       Show/Hide Menu

☰       Department Menu

 

Password Information

Password Information

As you may be aware of 2017 has been a quite a year when it comes to IT security.

We have been treated to all types of Phishing scams, Social Engineering scams and Ransomware As always we would advise everyone to be vigilant while online whether it be at work or at home.

Familiarise yourself the tactics used by the criminals, to think before you click and to ensure that you have backed up all your data to the Cloud i.e. Google Drive.

We have outlined some important security points below that if followed will help you and us in our collective efforts in keeping the cybercriminals at bay..

What is a 'Strong Password'?

  • A strong password is one that is at least eight characters, includes a combination of letters, numbers, and symbols and is easy for you to remember, but difficult for others to guess.

Password Strength

Why should I change my password every Ninety days?

We have an obligation to protect information stored on our computer systems from unauthorised access. We require all Faculty and Staff members to change their password every 90 days. All passwords must be at least five characters in length. Currently we do not enforce strong password complexity, but using a 'Strong Password' is considered 'best practise'.

  1. The main reason for regular password changes is to limit an account's exposure to misuse. Every time you type in your password it is at risk of being compromised - by someone looking over your shoulder, through interception as it travels across the network, etc. The more you use your password the more opportunities there are for it to be disclosed inadvertently.
  2. Changing your password regularly reduces the risk of your password being compromised by a 'brute force' attack.
  3. Resetting regularly also limits the damage that can be done without your knowledge, and helps to prevent continuing unauthorised use.

There are also administrative reasons for enforcing password expiration.

  1. To enable meeting future requirements regarding enforcing compliance with password complexity within a given timeframe.
  2. To help identify overactive accounts! (Resetting a password may uncover misuse; it may also identify legitimate but undocumented situations where an account is simultaneously being used by more than one person.)

With the above considerations in mind, forced expiration of passwords is considered good practice, and policies supporting such action are widely recommended.

What if I forget my password?

The Service Desk Staff will not be able to reset your password until

  1. The requester presents themselves in person to the ISS Service Desk, and provide your Staff Card as proof of identity.
  2. The requesters line manager emails the Service Desk requesting the password to be reset

The Service Desk staff will assign a new temporary password to you, and after a successful login you must change this temporary password or you will lock your account again, you can do this by either method given above.

How long will it take for my new password to become valid?

When you change your DCU Network password this takes effect immediately. If you change your password via the Portal you will be logged out and will have to re-authenticate using your new password to gain access back into your Portal page.

Can I tell others my password?

No, if you tell others your password you have given them your Identity, which leaves your account open to ‘misuse’ and if your account is used in an inappropriate manner you may be held accountable for their actions.

What is affected when I change my DCU Network Access password?

When you change your DCU Network Access password, access to the following will be affected as we use LDAP authentication to gain access to them. The other applications listed use application level authentication.

Not AffectedAffected
  • ITS
  • Core Supervisor
  • Cardax
  • Laptop Encryption
  • DCU Network Login
  • DCU Windows PC Login
  • Email - DCU Apps
  • DCU Apps (Calendar, Documents, Sites)
  • RSS
  • Core
  • Secure Web Pages - LOOP
  • Agresso
  • Eduroam

Users who synchronise their DCU Calendar with a SmartPhone.

Users who synchronise their DCU Calendar agenda with their SmartPhone will need to change the password which is cached in an encrypted form within the phones account settings.