%PDF-1.3 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R /F3 10 0 R >> >> /MediaBox [0.000 0.000 612.000 792.000] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Creator (DOMPDF) /CreationDate (D:20220121194406+00'00') /ModDate (D:20220121194406+00'00') /Title (IT-artikels) >> endobj 6 0 obj << /Type /Page /Parent 3 0 R /Annots [ 11 0 R 13 0 R 15 0 R 17 0 R ] /Contents 7 0 R >> endobj 7 0 obj << /Length 2731 >> stream 0.702 0.800 0.816 rg 34.016 34.016 543.969 723.969 re f 1.000 1.000 1.000 rg 45.266 441.673 521.469 305.061 re f 0.773 0.773 0.773 RG 0.75 w 0 J [ ] 0 d 45.641 442.048 520.719 304.311 re S 0.773 0.773 0.773 rg 61.016 617.359 m 550.984 617.359 l 550.984 618.109 l 61.016 618.109 l f 1.000 1.000 1.000 rg BT 278.868 698.693 Td /F1 10.5 Tf [(POST LIST)] TJ ET 0.200 0.200 0.200 rg BT 212.789 670.111 Td /F1 14.4 Tf [(INFORMASIETEGNOLOGIE)] TJ ET BT 221.824 643.466 Td /F1 11.7 Tf [(INFORMATION TECHNOLOGY)] TJ ET BT 61.016 583.841 Td /F1 14.4 Tf [(WHATS WRONG WITH YOUR PASSWORD?)] TJ ET 0.267 0.267 0.267 rg BT 61.016 555.033 Td /F3 9.0 Tf [(Passwords are an important aspect of computer security and your electronic key to the)] TJ ET BT 408.164 555.033 Td /F3 9.0 Tf [(network of Stellenbosch University.)] TJ ET BT 61.016 544.044 Td /F3 9.0 Tf [(But which passwords work best?)] TJ ET 0.400 0.400 0.400 rg BT 194.063 544.044 Td /F3 9.0 Tf [( Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer )] TJ ET BT 61.016 533.055 Td /F3 9.0 Tf [(Science and of Engineering and Public Policy at)] TJ ET 0.373 0.169 0.255 rg BT 254.615 533.055 Td /F3 9.0 Tf [(Carnegie Mellon University)] TJ ET 0.373 0.169 0.255 RG 0.18 w 0 J [ ] 0 d 254.615 531.904 m 362.138 531.904 l S 0.400 0.400 0.400 rg BT 362.138 533.055 Td /F3 9.0 Tf [(. In March of this year she presented a TED )] TJ ET BT 61.016 522.066 Td /F3 9.0 Tf [(talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users and )] TJ ET BT 61.016 511.077 Td /F3 9.0 Tf [(secured sites make to compromise security. Watch her very interesting talk on her research on passwords below. After )] TJ ET BT 61.016 500.088 Td /F3 9.0 Tf [(watching Lorrie's talk you might also want to change your own password. On how to do that and more password tips, have )] TJ ET BT 61.016 489.099 Td /F3 9.0 Tf [(a look at our )] TJ ET 0.373 0.169 0.255 rg BT 113.045 489.099 Td /F3 9.0 Tf [(wiki)] TJ ET 0.18 w 0 J [ ] 0 d 113.045 487.948 m 128.039 487.948 l S 0.400 0.400 0.400 rg BT 128.039 489.099 Td /F3 9.0 Tf [(or make use of the )] TJ ET 0.373 0.169 0.255 rg BT 207.581 489.099 Td /F3 9.0 Tf [(self help)] TJ ET 0.18 w 0 J [ ] 0 d 207.581 487.948 m 241.097 487.948 l S 0.400 0.400 0.400 rg BT 241.097 489.099 Td /F3 9.0 Tf [( function online. )] TJ ET 0.373 0.169 0.255 rg BT 61.016 478.110 Td /F3 9.0 Tf [(http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd)] TJ ET 0.18 w 0 J [ ] 0 d 61.016 476.959 m 379.634 476.959 l S 0.400 0.400 0.400 rg BT 61.016 459.621 Td /F3 9.0 Tf [(Posted in:Security | Tagged:Online Security,Password | With 0 comments)] TJ ET endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 10 0 obj << /Type /Font /Subtype /Type1 /Name /F3 /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding >> endobj 11 0 obj << /Type /Annot /Subtype /Link /A 12 0 R /Border [0 0 0] /H /I /Rect [ 254.6147 532.2226 362.1377 541.3801 ] >> endobj 12 0 obj << /Type /Action /S /URI /URI (http://www.scs.cmu.edu/) >> endobj 13 0 obj << /Type /Annot /Subtype /Link /A 14 0 R /Border [0 0 0] /H /I /Rect [ 113.0447 488.2666 128.0387 497.4241 ] >> endobj 14 0 obj << /Type /Action /S /URI /URI (https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki Pages/Change password.aspx) >> endobj 15 0 obj << /Type /Annot /Subtype /Link /A 16 0 R /Border [0 0 0] /H /I /Rect [ 207.5807 488.2666 241.0967 497.4241 ] >> endobj 16 0 obj << /Type /Action /S /URI /URI (http://midtier.sun.ac.za/passwordmanagement/ ) >> endobj 17 0 obj << /Type /Annot /Subtype /Link /A 18 0 R /Border [0 0 0] /H /I /Rect [ 61.0157 477.2776 379.6337 486.4351 ] >> endobj 18 0 obj << /Type /Action /S /URI /URI (http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd) >> endobj xref 0 19 0000000000 65535 f 0000000008 00000 n 0000000073 00000 n 0000000119 00000 n 0000000294 00000 n 0000000323 00000 n 0000000458 00000 n 0000000561 00000 n 0000003344 00000 n 0000003456 00000 n 0000003563 00000 n 0000003679 00000 n 0000003807 00000 n 0000003882 00000 n 0000004010 00000 n 0000004140 00000 n 0000004268 00000 n 0000004365 00000 n 0000004492 00000 n trailer << /Size 19 /Root 1 0 R /Info 5 0 R >> startxref 4619 %%EOF password « Informasietegnologie
  • Recent Posts

  • Categories

  • Archives


Cybersecurity Awareness Month: Creating strong passwords

Tuesday, October 5th, 2021

Before we pointed out that most people underestimate the importance of having a secure password, and still make the mistake of using simple words and numbers as a password.

Keep in mind that your email and social network accounts contain very personal information about you. You must have a strong password to keep your personal life personal, and not become a victim of identity theft. 

  • Using email or your profile on Facebook, Whatsapp or Google, hackers can and do, extract a huge amount of personal data of your personal “online” life.
  • If you use the same password for multiple online accounts, you run the risk, if this password is hacked, of all your online accounts being compromised.
  • Using a personal name for an online account, the name of the city that you live in, the names of your children or your date of birth, give hackers vital clues for attempting to access your personal data.
  • For an average expert hacker, it is always easy to find passwords that are made up of words from the English vocabulary or other languages, using a basic technique called “brute force” or “dictionary” attacks.

What makes a password safe?

  1. A password at least 8 characters long.
  2. The password does not contain information that is easy to find online, such as the date of birth, the telephone number, your spouse’s name, the name of a pet, or a child’s name.
  3. The password does not contain words found in the dictionary.
  4. The password contains special characters like @ # $% ^ &, and numbers.
  5. The password uses a combination of uppercase and lowercase letters.

A trick that the experts use to create secure passwords:

Think of a phrase and use the first letters of the words in the phrase.

  • For example: “In South Africa, a barbecue is called a Braai!”
  • Take the first letters of each word and the password that is created is ISAabicaB!
  • This will be very difficult to guess, but easy to remember.
  • At this point, you can decide to make your the Google password is ISAabicaB!-G,  and Facebook ISAabicaB!-F and your university account  ISAabicaB!-US and so on.
  • There is already a capital letter and a special character (!), so you just need to add a number to finish off a good password like 9-ISAabicaB!-US (9 could be the month you created the password in – for example)

You will have already made your password a lot more difficult to hack, and it can be a lot of fun to create. 

Step Up to Stronger Passwords

Tuesday, October 5th, 2021

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.

 A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.



One password less

Thursday, May 12th, 2016

We have good news for everyone who struggles to remember a plethora of passwords. Soon there will be one less when we simplify AIS/Tera Term’s login procedure.  

This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera Term, with your standard network username and password.

Phase one of the process is a “soft roll-out”, where SSO (Same Sign On) will be implemented. During this period, you will still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS password expires, the IT Service desk will not be able to reset it and you will have to start using your network username and password.

The primary AIS usernames of current AIS users (with more than one AIS username) will be connected to their network username.

After SSO is implemented, newly created AIS users’ usernames will be set to their SU number. This also implies that AIS usernames, roles, and functions will not be reused.

Take note that passwords for these functions should not be shared among staff and that, in doing so, the Electronic Communications Policy is violated. The new SSO approach also means that one password will give also give you access to your private Human Resources information. In other words, if you share your password, you also share your personal information.

For any enquiries, please contact the IT Service desk at 808 4367.

What’s wrong with your password?

Friday, October 10th, 2014

Passwords are an important aspect of computer security and your electronic key to the network of Stellenbosch University. But which passwords work best? 

Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. In March of this year she presented a TED talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security.

Watch her very interesting talk on her research on passwords below. After watching Lorrie’s talk you might also want to change your own password. On how to do that and more password tips, have a look at our wiki or make use of the self help function online.


Password synchronisation giving you a headache?

Friday, August 31st, 2012

Every 90 days you receive an email from helpinfo@sun.ac.za asking you nicely to change your password. We all know that, although it’s a bit of a nuisance, it’s also necessary for security reasons. But is there a way to simplify the process?

In 2007 Microsoft Research conducted a study and found that the average user has 6.5 internet passwords, each person has approximately 25 accounts with passwords and has to enter 8 passwords per day.  And this was in 2007 – imagine what the statistics will look like 5 years later.

If you use more than one device, password changes can become a nightmare. But there are a few steps you can follow to make sure it goes a bit smoother.

Switch off all your devices except for one, for example your laptop.

Sign on at http://www.sun.ac.za/useradm, select the Change Password option and select a new password according to the guidelines supplied on the website. Log out of the network with the Logout option given on http://www.sun.ac.za/useradm. Log onto the network with your new password. Make sure you can access all your network applications – email, internet and networkspace. Switch on all the other devices and type in your new password.

Remember, you can change your password any time at http://www.sun.ac.za/useradm with the Change Password option. Try to stick to the guidelines to ensure you have a secure password – it will safe you a lot of effort and frustration in the long run. If you’ve forgotten your password, you can also reset is by browsing to staff portal.

More information and hints on password changes can be found at https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Change%20password.aspx


© 2013-2022 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.