%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20220121201819+00'00') /ModDate (D:20220121201819+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 11 0 R 13 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 3149 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 296.272 521.469 450.462 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 296.647 520.719 449.712 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(ONE PASSWORD LESS)] TJ ET 0.400 0.400 0.400 rg BT 61.016 564.033 Td /F3 9.0 Tf [(We have good news for everyone who struggles to remember a plethoraof passwords. Soon there will be one less when )] TJ ET BT 61.016 553.044 Td /F3 9.0 Tf [(we simplify AIS/Tera Term's login procedure. )] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(Term, with your standard network username and password.)] TJ ET BT 61.016 502.077 Td /F3 9.0 Tf [(Phase one of the process is asoft roll-out, where SSO\(Same Sign On\) will be implemented. During this period, you will )] TJ ET BT 61.016 491.088 Td /F3 9.0 Tf [(still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS )] TJ ET BT 61.016 480.099 Td /F3 9.0 Tf [(password expires, the IT Service desk will not be able to reset it and you will have to start using your network username )] TJ ET BT 61.016 469.110 Td /F3 9.0 Tf [(and password.)] TJ ET BT 61.016 449.121 Td /F3 9.0 Tf [(The primary AIS usernames of current AIS users \(with more than one AIS username\) will be connected to their network )] TJ ET BT 61.016 438.132 Td /F3 9.0 Tf [(username.)] TJ ET BT 61.016 418.143 Td /F3 9.0 Tf [(After SSO is implemented, newly created AIS users' usernames will be set to their SU number. This also implies that AIS )] TJ ET BT 61.016 407.154 Td /F3 9.0 Tf [(usernames, roles, and functions will not be reused.)] TJ ET BT 61.016 387.165 Td /F3 9.0 Tf [(Take note that passwords for these functions should not be shared among staff and that, in doing so, the)] TJ ET 0.373 0.169 0.255 rg BT 479.759 387.165 Td /F3 9.0 Tf [(Electronic )] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 479.759 386.014 m 521.771 386.014 l S BT 61.016 376.176 Td /F3 9.0 Tf [(Communications Policy)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 375.025 m 154.535 375.025 l S 0.400 0.400 0.400 rg BT 154.535 376.176 Td /F3 9.0 Tf [( is violated. The new SSO approach also means that one password will give also give you access )] TJ ET BT 61.016 365.187 Td /F3 9.0 Tf [(to your private Human Resources information. In other words, if you share your password, you also share your personal )] TJ ET BT 61.016 354.198 Td /F3 9.0 Tf [(information.)] TJ ET BT 61.016 334.209 Td /F3 9.0 Tf [(For any enquiries, please contact the IT Service desk at 808 4367.)] TJ ET BT 61.016 314.220 Td /F3 9.0 Tf [(Posted in:General | Tagged:Password | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Annot /Subtype /Link /A 12 0 R /Border [0 0 0] /H /I /Rect [ 479.7587 386.3326 521.7707 395.4901 ] >> endobj 12 0 obj << /Type /Action /S /URI /URI (http://stbweb01.stb.sun.ac.za/university/Policies/ecp/ecp_december_eng.pdf) >> endobj 13 0 obj << /Type /Annot /Subtype /Link /A 14 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 375.3436 154.5347 384.5011 ] >> endobj 14 0 obj << /Type /Action /S /URI /URI (http://stbweb01.stb.sun.ac.za/university/Policies/ecp/ecp_december_eng.pdf) >> endobj xref 0 15 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000294 00000 n 0000000323 00000 n 0000000458 00000 n 0000000547 00000 n 0000003748 00000 n 0000003860 00000 n 0000003967 00000 n 0000004083 00000 n 0000004211 00000 n 0000004337 00000 n 0000004464 00000 n trailer << /Size 15 /Root 1 0 R /Info 5 0 R >> startxref 4590 %%EOF password « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

password

Cybersecurity Awareness Month: Creating strong passwords

Tuesday, October 5th, 2021

Before we pointed out that most people underestimate the importance of having a secure password, and still make the mistake of using simple words and numbers as a password.

Keep in mind that your email and social network accounts contain very personal information about you. You must have a strong password to keep your personal life personal, and not become a victim of identity theft. 

  • Using email or your profile on Facebook, Whatsapp or Google, hackers can and do, extract a huge amount of personal data of your personal “online” life.
  • If you use the same password for multiple online accounts, you run the risk, if this password is hacked, of all your online accounts being compromised.
  • Using a personal name for an online account, the name of the city that you live in, the names of your children or your date of birth, give hackers vital clues for attempting to access your personal data.
  • For an average expert hacker, it is always easy to find passwords that are made up of words from the English vocabulary or other languages, using a basic technique called “brute force” or “dictionary” attacks.

What makes a password safe?

  1. A password at least 8 characters long.
  2. The password does not contain information that is easy to find online, such as the date of birth, the telephone number, your spouse’s name, the name of a pet, or a child’s name.
  3. The password does not contain words found in the dictionary.
  4. The password contains special characters like @ # $% ^ &, and numbers.
  5. The password uses a combination of uppercase and lowercase letters.

A trick that the experts use to create secure passwords:

Think of a phrase and use the first letters of the words in the phrase.

  • For example: “In South Africa, a barbecue is called a Braai!”
  • Take the first letters of each word and the password that is created is ISAabicaB!
  • This will be very difficult to guess, but easy to remember.
  • At this point, you can decide to make your the Google password is ISAabicaB!-G,  and Facebook ISAabicaB!-F and your university account  ISAabicaB!-US and so on.
  • There is already a capital letter and a special character (!), so you just need to add a number to finish off a good password like 9-ISAabicaB!-US (9 could be the month you created the password in – for example)

You will have already made your password a lot more difficult to hack, and it can be a lot of fun to create. 

Step Up to Stronger Passwords

Tuesday, October 5th, 2021

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.

 A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.

Resources

 

One password less

Thursday, May 12th, 2016

We have good news for everyone who struggles to remember a plethora of passwords. Soon there will be one less when we simplify AIS/Tera Term’s login procedure.  

This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera Term, with your standard network username and password.

Phase one of the process is a “soft roll-out”, where SSO (Same Sign On) will be implemented. During this period, you will still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS password expires, the IT Service desk will not be able to reset it and you will have to start using your network username and password.

The primary AIS usernames of current AIS users (with more than one AIS username) will be connected to their network username.

After SSO is implemented, newly created AIS users’ usernames will be set to their SU number. This also implies that AIS usernames, roles, and functions will not be reused.

Take note that passwords for these functions should not be shared among staff and that, in doing so, the Electronic Communications Policy is violated. The new SSO approach also means that one password will give also give you access to your private Human Resources information. In other words, if you share your password, you also share your personal information.

For any enquiries, please contact the IT Service desk at 808 4367.

What’s wrong with your password?

Friday, October 10th, 2014

Passwords are an important aspect of computer security and your electronic key to the network of Stellenbosch University. But which passwords work best? 

Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. In March of this year she presented a TED talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security.

Watch her very interesting talk on her research on passwords below. After watching Lorrie’s talk you might also want to change your own password. On how to do that and more password tips, have a look at our wiki or make use of the self help function online.

http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd

Password synchronisation giving you a headache?

Friday, August 31st, 2012

Every 90 days you receive an email from helpinfo@sun.ac.za asking you nicely to change your password. We all know that, although it’s a bit of a nuisance, it’s also necessary for security reasons. But is there a way to simplify the process?

In 2007 Microsoft Research conducted a study and found that the average user has 6.5 internet passwords, each person has approximately 25 accounts with passwords and has to enter 8 passwords per day.  And this was in 2007 – imagine what the statistics will look like 5 years later.

If you use more than one device, password changes can become a nightmare. But there are a few steps you can follow to make sure it goes a bit smoother.

Switch off all your devices except for one, for example your laptop.

Sign on at http://www.sun.ac.za/useradm, select the Change Password option and select a new password according to the guidelines supplied on the website. Log out of the network with the Logout option given on http://www.sun.ac.za/useradm. Log onto the network with your new password. Make sure you can access all your network applications – email, internet and networkspace. Switch on all the other devices and type in your new password.

Remember, you can change your password any time at http://www.sun.ac.za/useradm with the Change Password option. Try to stick to the guidelines to ensure you have a secure password – it will safe you a lot of effort and frustration in the long run. If you’ve forgotten your password, you can also reset is by browsing to staff portal.

More information and hints on password changes can be found at https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Change%20password.aspx

 

© 2013-2022 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.