%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R /F4 11 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20250710010742+00'00') /ModDate (D:20250710010742+00'00') /Title (Report 07-2025) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 12 0 R 14 0 R 16 0 R 18 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 2767 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 512.060 521.469 234.674 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 512.435 520.719 233.924 re S 0.773 0.773 0.773 rg 61.016 527.810 m 550.984 527.810 l 550.984 528.560 l 61.016 528.560 l f 0.200 0.200 0.200 rg BT 61.016 693.716 Td /F1 14.4 Tf [(WHAT’S WRONG WITH YOUR PASSWORD?)] TJ ET 0.400 0.400 0.400 rg BT 61.016 664.909 Td /F2 9.0 Tf [(Posted on )] TJ ET BT 104.045 664.909 Td /F3 9.0 Tf [(October 10,2014)] TJ ET BT 173.579 664.909 Td /F2 9.0 Tf [( by )] TJ ET BT 188.087 664.909 Td /F3 9.0 Tf [(IT Communications)] TJ ET 0.267 0.267 0.267 rg BT 61.016 637.420 Td /F4 9.0 Tf [(Passwords are an important aspect of computer security and your electronic key to the )] TJ ET BT 408.164 637.420 Td /F4 9.0 Tf [(network of Stellenbosch University. )] TJ ET BT 61.016 626.431 Td /F4 9.0 Tf [(But which passwords work best? )] TJ ET 0.153 0.153 0.153 rg BT 194.063 626.431 Td /F4 9.0 Tf [( Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer )] TJ ET BT 61.016 615.442 Td /F4 9.0 Tf [(Science and of Engineering and Public Policy at )] TJ ET 0.373 0.169 0.255 rg BT 254.615 615.442 Td /F4 9.0 Tf [(Carnegie Mellon University)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 254.615 614.291 m 362.138 614.291 l S 0.153 0.153 0.153 rg BT 362.138 615.442 Td /F4 9.0 Tf [(. In March of this year she presented a TED )] TJ ET BT 61.016 604.453 Td /F4 9.0 Tf [(talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users — and )] TJ ET BT 61.016 593.464 Td /F4 9.0 Tf [(secured sites — make to compromise security. Watch her very interesting talk on her research on passwords below. After )] TJ ET BT 61.016 582.475 Td /F4 9.0 Tf [(watching Lorrie's talk you might also want to change your own password. On how to do that and more password tips, have )] TJ ET BT 61.016 571.486 Td /F4 9.0 Tf [(a look at our )] TJ ET 0.373 0.169 0.255 rg BT 113.045 571.486 Td /F4 9.0 Tf [(wiki)] TJ ET 0.18 w 0 J [ ] 0 d 113.045 570.335 m 128.039 570.335 l S 0.153 0.153 0.153 rg BT 128.039 571.486 Td /F4 9.0 Tf [( or make use of the )] TJ ET 0.373 0.169 0.255 rg BT 207.581 571.486 Td /F4 9.0 Tf [(self help)] TJ ET 0.18 w 0 J [ ] 0 d 207.581 570.335 m 241.097 570.335 l S 0.153 0.153 0.153 rg BT 241.097 571.486 Td /F4 9.0 Tf [( function online. )] TJ ET 0.373 0.169 0.255 rg BT 61.016 560.497 Td /F4 9.0 Tf [(http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 559.346 m 379.634 559.346 l S 0.400 0.400 0.400 rg BT 61.016 542.008 Td /F2 9.0 Tf [(Posted in:Security | Tagged:Online Security,Password | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-BoldOblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Font /Subtype /Type1 /Name /F4 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 12 0 obj << /Type /Annot /Subtype /Link /A 13 0 R /Border [0 0 0] /H /I /Rect [ 254.6147 614.6092 362.1377 623.7667 ] >> endobj 13 0 obj << /Type /Action /S /URI /URI (http://www.scs.cmu.edu/) >> endobj 14 0 obj << /Type /Annot /Subtype /Link /A 15 0 R /Border [0 0 0] /H /I /Rect [ 113.0447 570.6532 128.0387 579.8107 ] >> endobj 15 0 obj << /Type /Action /S /URI /URI (https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Change password.aspx) >> endobj 16 0 obj << /Type /Annot /Subtype /Link /A 17 0 R /Border [0 0 0] /H /I /Rect [ 207.5807 570.6532 241.0967 579.8107 ] >> endobj 17 0 obj << /Type /Action /S /URI /URI (http://midtier.sun.ac.za/passwordmanagement/ ) >> endobj 18 0 obj << /Type /Annot /Subtype /Link /A 19 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 559.6642 379.6337 568.8217 ] >> endobj 19 0 obj << /Type /Action /S /URI /URI (http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd) >> endobj xref 0 20 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000305 00000 n 0000000334 00000 n 0000000472 00000 n 0000000575 00000 n 0000003394 00000 n 0000003506 00000 n 0000003621 00000 n 0000003741 00000 n 0000003849 00000 n 0000003977 00000 n 0000004052 00000 n 0000004180 00000 n 0000004310 00000 n 0000004438 00000 n 0000004535 00000 n 0000004662 00000 n trailer << /Size 20 /Root 1 0 R /Info 5 0 R >> startxref 4789 %%EOF password « Informasietegnologie
Language:
SEARCH
  • Recent Posts

  • Categories

  • Archives

password

Cybersecurity Awareness Month: Creating strong passwords

Tuesday, October 5th, 2021

Before we pointed out that most people underestimate the importance of having a secure password, and still make the mistake of using simple words and numbers as a password.

Keep in mind that your email and social network accounts contain very personal information about you. You must have a strong password to keep your personal life personal, and not become a victim of identity theft. 

  • Using email or your profile on Facebook, Whatsapp or Google, hackers can and do, extract a huge amount of personal data of your personal “online” life.
  • If you use the same password for multiple online accounts, you run the risk, if this password is hacked, of all your online accounts being compromised.
  • Using a personal name for an online account, the name of the city that you live in, the names of your children or your date of birth, give hackers vital clues for attempting to access your personal data.
  • For an average expert hacker, it is always easy to find passwords that are made up of words from the English vocabulary or other languages, using a basic technique called “brute force” or “dictionary” attacks.

What makes a password safe?

  1. A password at least 8 characters long.
  2. The password does not contain information that is easy to find online, such as the date of birth, the telephone number, your spouse’s name, the name of a pet, or a child’s name.
  3. The password does not contain words found in the dictionary.
  4. The password contains special characters like @ # $% ^ &, and numbers.
  5. The password uses a combination of uppercase and lowercase letters.

A trick that the experts use to create secure passwords:

Think of a phrase and use the first letters of the words in the phrase.

  • For example: “In South Africa, a barbecue is called a Braai!”
  • Take the first letters of each word and the password that is created is ISAabicaB!
  • This will be very difficult to guess, but easy to remember.
  • At this point, you can decide to make your the Google password is ISAabicaB!-G,  and Facebook ISAabicaB!-F and your university account  ISAabicaB!-US and so on.
  • There is already a capital letter and a special character (!), so you just need to add a number to finish off a good password like 9-ISAabicaB!-US (9 could be the month you created the password in – for example)

You will have already made your password a lot more difficult to hack, and it can be a lot of fun to create. 

Step Up to Stronger Passwords

Tuesday, October 5th, 2021

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.

 A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.

Resources

 

One password less

Thursday, May 12th, 2016

We have good news for everyone who struggles to remember a plethora of passwords. Soon there will be one less when we simplify AIS/Tera Term’s login procedure.  

This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera Term, with your standard network username and password.

Phase one of the process is a “soft roll-out”, where SSO (Same Sign On) will be implemented. During this period, you will still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS password expires, the IT Service desk will not be able to reset it and you will have to start using your network username and password.

The primary AIS usernames of current AIS users (with more than one AIS username) will be connected to their network username.

After SSO is implemented, newly created AIS users’ usernames will be set to their SU number. This also implies that AIS usernames, roles, and functions will not be reused.

Take note that passwords for these functions should not be shared among staff and that, in doing so, the Electronic Communications Policy is violated. The new SSO approach also means that one password will give also give you access to your private Human Resources information. In other words, if you share your password, you also share your personal information.

For any enquiries, please contact the IT Service desk at 808 4367.

What’s wrong with your password?

Friday, October 10th, 2014

Passwords are an important aspect of computer security and your electronic key to the network of Stellenbosch University. But which passwords work best? 

Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. In March of this year she presented a TED talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security.

Watch her very interesting talk on her research on passwords below. After watching Lorrie’s talk you might also want to change your own password. On how to do that and more password tips, have a look at our wiki or make use of the self help function online.

http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd

Password synchronisation giving you a headache?

Friday, August 31st, 2012

Every 90 days you receive an email from helpinfo@sun.ac.za asking you nicely to change your password. We all know that, although it’s a bit of a nuisance, it’s also necessary for security reasons. But is there a way to simplify the process?

In 2007 Microsoft Research conducted a study and found that the average user has 6.5 internet passwords, each person has approximately 25 accounts with passwords and has to enter 8 passwords per day.  And this was in 2007 – imagine what the statistics will look like 5 years later.

If you use more than one device, password changes can become a nightmare. But there are a few steps you can follow to make sure it goes a bit smoother.

Switch off all your devices except for one, for example your laptop.

Sign on at http://www.sun.ac.za/useradm, select the Change Password option and select a new password according to the guidelines supplied on the website. Log out of the network with the Logout option given on http://www.sun.ac.za/useradm. Log onto the network with your new password. Make sure you can access all your network applications – email, internet and networkspace. Switch on all the other devices and type in your new password.

Remember, you can change your password any time at http://www.sun.ac.za/useradm with the Change Password option. Try to stick to the guidelines to ensure you have a secure password – it will safe you a lot of effort and frustration in the long run. If you’ve forgotten your password, you can also reset is by browsing to staff portal.

More information and hints on password changes can be found at https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Change%20password.aspx

 

© 2013-2025 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.