SEARCH
  • [:en]Recent Posts[:af]Onlangse bydraes

  • [:en]Categories[:af]Kategorieë

  • [:en]Archives[:af]Argiewe

password

[:en]Cybersecurity Awareness Month: Creating strong passwords[:]

Tuesday, October 5th, 2021

[:en]

Before we pointed out that most people underestimate the importance of having a secure password, and still make the mistake of using simple words and numbers as a password.

Keep in mind that your email and social network accounts contain very personal information about you. You must have a strong password to keep your personal life personal, and not become a victim of identity theft. 

  • Using email or your profile on Facebook, Whatsapp or Google, hackers can and do, extract a huge amount of personal data of your personal “online” life.
  • If you use the same password for multiple online accounts, you run the risk, if this password is hacked, of all your online accounts being compromised.
  • Using a personal name for an online account, the name of the city that you live in, the names of your children or your date of birth, give hackers vital clues for attempting to access your personal data.
  • For an average expert hacker, it is always easy to find passwords that are made up of words from the English vocabulary or other languages, using a basic technique called “brute force” or “dictionary” attacks.

What makes a password safe?

  1. A password at least 8 characters long.
  2. The password does not contain information that is easy to find online, such as the date of birth, the telephone number, your spouse’s name, the name of a pet, or a child’s name.
  3. The password does not contain words found in the dictionary.
  4. The password contains special characters like @ # $% ^ &, and numbers.
  5. The password uses a combination of uppercase and lowercase letters.

A trick that the experts use to create secure passwords:

Think of a phrase and use the first letters of the words in the phrase.

  • For example: “In South Africa, a barbecue is called a Braai!”
  • Take the first letters of each word and the password that is created is ISAabicaB!
  • This will be very difficult to guess, but easy to remember.
  • At this point, you can decide to make your the Google password is ISAabicaB!-G,  and Facebook ISAabicaB!-F and your university account  ISAabicaB!-US and so on.
  • There is already a capital letter and a special character (!), so you just need to add a number to finish off a good password like 9-ISAabicaB!-US (9 could be the month you created the password in – for example)

You will have already made your password a lot more difficult to hack, and it can be a lot of fun to create. 

[:]

[:en]Step Up to Stronger Passwords[:]

Tuesday, October 5th, 2021

[:en]

Weak and reused passwords continue to be a common entry point for account or identity takeover and network intrusions. Simple steps and tools exist to help you achieve unique, strong passwords for your accounts.

 A password is often all that stands between you and sensitive data. It’s also often all that stands between a cyber criminal and your account. Below are tips to help you create stronger passwords, manage them more easily, and take one further step to protect against account theft.

  • Always: Use a unique password for each account so one compromised password does not put all of your accounts at risk of takeover.
  • Good: A good password is 10 or more characters in length, with a combination of uppercase and lowercase letters, plus numbers and/or symbols — such as pAMPh$3let. Complex passwords can be challenging to remember for even one site, let alone using multiple passwords for multiple sites; strong passwords are also difficult to type on a smartphone keyboard (for an easy password management option, see “best” below).
  • Better: A passphrase uses a combination of words to achieve a length of 20 or more characters. That additional length makes it’s exponentially harder for hackers to crack, yet a passphrase is easier for you to remember and more natural to type. To create a passphrase, generate four or more random words from a dictionary, mix in uppercase letters, and add a number or symbol to make it even stronger — such as rubbishconsiderGREENSwim$3. You’ll still find it challenging to remember multiple passphrases, though, so read on.
  • Best: The strongest passwords are created by password managers — software that generates and keeps track of complex and unique passwords for all of your accounts. All you need to remember is one complex password or passphrase to access your password manager. With a password manager, you can look up passwords when you need them, copy and paste from the vault, or use functionality within the software to log you in automatically. Best practice is to add two-step verification to your password manager account. Keep reading!
  • Step it up! When you use two-step verification (a.k.a., two-factor authentication or login approval), a stolen password doesn’t result in a stolen account. Anytime your account is logged into from a new device, you receive an authorization check on your smartphone or another registered device. Without that second piece, a password thief can’t get into your account. It’s the single best way to protect your account from cyber criminals.

Resources

 

[:]

[:en]One password less[:af]Een wagwoord minder

Thursday, May 12th, 2016

[:en]

We have good news for everyone who struggles to remember a plethora of passwords. Soon there will be one less when we simplify AIS/Tera Term’s login procedure.  

This new development means that you will soon be able to log into sun022, the system which, among others, hosts Tera Term, with your standard network username and password.

Phase one of the process is a “soft roll-out”, where SSO (Same Sign On) will be implemented. During this period, you will still be able to log in with your network username or, until it expires, with your existing AIS username. When your AIS password expires, the IT Service desk will not be able to reset it and you will have to start using your network username and password.

The primary AIS usernames of current AIS users (with more than one AIS username) will be connected to their network username.

After SSO is implemented, newly created AIS users’ usernames will be set to their SU number. This also implies that AIS usernames, roles, and functions will not be reused.

Take note that passwords for these functions should not be shared among staff and that, in doing so, the Electronic Communications Policy is violated. The new SSO approach also means that one password will give also give you access to your private Human Resources information. In other words, if you share your password, you also share your personal information.

For any enquiries, please contact the IT Service desk at 808 4367.

[:af]

Ons het goeie nuus as jy moeg is om daagliks ʼn stroom wagwoorde te probeer onthou. Binnekort is daar een minder wanneer ons die AIS/Tera Term aantekenmetode vergemaklik. 

Die aanpassing van die aantekenproses beteken dat jy voortaan met jou gewone netwerkgebruikersnaam en -wagwoord sal kan aanteken by sun022, die stelsel wat, onder andere, Tera Term huisves. 

Die eerste fase van die proses is ʼn “soft roll-out”, waar SSO (Same Sign On) implementeer word. Gedurende hierdie tydperk sal jy met jou netwerk of steeds met jou bestaande AIS gebruikersnaam, totdat dit verval, kan aanteken. Indien jou AIS wagwoord verval, sal dit nie deur die IT Dienstoonbank-agente herset kan word nie en jy sal jou netwerkgebruikersnaam en -wagwoord moet begin gebruik. 

Huidige AIS gebruikers (met meer as een AIS gebruikersnaam) se primêre AIS-gebruikersnaam sal gekoppel word aan hulle netwerkgebruikersnaam.

Nadat SSO implementeer is, sal nuutgeskepte AIS gebruikers se gebruikersname programaties gestel word na hul US nommer. Dit impliseer ook dat AIS gebruikername, -rolle en -funksies nie hergebruik sal kan word nie. 

Neem kennis dat wagwoorde vir hierdie funksies nie gedeel mag word tussen personeel nie en dat indien dit wel gedoen word, dit die Elektroniese Kommunikasiebeleid oortree. Die SSO-benadering beteken ook dat een wagwoord toegang gee tot jou private Menslike Hulpbronne inligting. Indien jy dus jou wagwoord deel, deel jy ook jou persoonlike inligting.

Nuwe addisionele identiteite moet eerder op SUNiD geskep word.  

Vir enige verdere navrae, kontak gerus die IT Dienstoonbank by 808 4367.

 

What’s wrong with your password?Wat is verkeerd met jou wagwoord?

Friday, October 10th, 2014

Passwords are an important aspect of computer security and your electronic key to the network of Stellenbosch University. But which passwords work best? 

Lorrie Faith Cranor is a security researcher and an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. In March of this year she presented a TED talk on her study of thousands of real passwords to figure out the surprising, very common mistakes that users — and secured sites — make to compromise security.

Watch her very interesting talk on her research on passwords below. After watching Lorrie’s talk you might also want to change your own password. On how to do that and more password tips, have a look at our wiki or make use of the self help function online.

http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd

Wagwoorde is `n belangrike komponent van rekenaarsekuriteit en jou elektroniese sleutel to Universiteit Stellenbosch se netwerk. Maar watter wagwoorde is die mees effektief?

Lorrie Faith Cranor is `n sekuriteitsnavorser en `n Mede-professor in Rekenaarwetenskap en van Ingenieurswese en Openbare beleid by die Carnegie Mellon Universiteit. In Maart vanjaar het sy `n TED Talks aanbieding gegee oor haar studie van duisende oorspronklike wagwoorde om vas te stel watter verrassende, baie algemene foute gebruikers, sowel as veilige webwerwe, maak en sekuriteitsrisikos veroorsaak.

Kyk gerus onder na haar interessante gevolgtrekkings oor wagwoorde. Jy mag moontlik daarna jou eie wagwoord wil hersien. Instruksies oor hoe om dit te doen kan op ons wiki gedoen word of probeer die selfhelp-funksie aanlyn.

http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd

Password synchronisation giving you a headache?Wagwoordsinkronisasie `n kopseer?

Friday, August 31st, 2012

Every 90 days you receive an email from helpinfo@sun.ac.za asking you nicely to change your password. We all know that, although it’s a bit of a nuisance, it’s also necessary for security reasons. But is there a way to simplify the process?

In 2007 Microsoft Research conducted a study and found that the average user has 6.5 internet passwords, each person has approximately 25 accounts with passwords and has to enter 8 passwords per day.  And this was in 2007 – imagine what the statistics will look like 5 years later.

If you use more than one device, password changes can become a nightmare. But there are a few steps you can follow to make sure it goes a bit smoother.

Switch off all your devices except for one, for example your laptop.

Sign on at http://www.sun.ac.za/useradm, select the Change Password option and select a new password according to the guidelines supplied on the website. Log out of the network with the Logout option given on http://www.sun.ac.za/useradm. Log onto the network with your new password. Make sure you can access all your network applications – email, internet and networkspace. Switch on all the other devices and type in your new password.

Remember, you can change your password any time at http://www.sun.ac.za/useradm with the Change Password option. Try to stick to the guidelines to ensure you have a secure password – it will safe you a lot of effort and frustration in the long run. If you’ve forgotten your password, you can also reset is by browsing to staff portal.

More information and hints on password changes can be found at https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Change%20password.aspx

Elke 90 dae kry jy `n e-pos van helpinfo@sun.ac.za wat jou vriendelik versoek om jou wagwoord te verander. Ons almal weet dat, alhoewel dit irriterend is, ook nodig is vir sekuriteitsredes.

`n 2007 studie deur Microsoft se navorsingspan het gevind dat die gemiddelde gebruiker 6.5 wagwoorde op die internet het, dat elke persoon ongeveer 25 rekeninge het wat wagwoorde benodig en gemiddeld 8 wagwoorde per dag moet intik! En dit was in 2007, 5 jaar gelede – dink net hoe lyk daardie syfers teen die tyd.

As jy meer as een toestel gebruik, raak wagwoordverandering `n nagmerrie. Maar daar is `n paar stappe wat jy kan volg om die verandering gladder te laat verloop.

Skakel al die toestelle af, behalwe een, bv. die skootrekenaar.

Teken aan by http://www.sun.ac.za/useradm, selekteer die Change Password opsie, en kies`n nuwe wagwoord volgens die riglyne wat verskaf word.

Teken af van die netwerk met die Logout opsie wat op useradm gegee word.

Teken daarna aan op die netwerk met die nuwe wagwoord.

Maak seker dat alle netwerktoegang (epos, internet, netwerkspasie) suksesvol beskikbaar is.

Skakel die ander toestelle een na die ander aan, verskaf die nuwe wagwoord.

Onthou, jy kan self jou wagwoord enige tyd verander op http://www.sun.ac.za/useradm by die Change Password-opsie. Probeer om te hou by die riglyne wat gegee word om jou wagwoord so veilig moontlik te hou – dit sal jou baie moeite en frustrasie spaar op die lange duur. As jy jou wagwoord heeltemal vergeet het, kan jy dit self verander deur te gaan na die personeelportaal.

Nog wenke vir die verandering van jou wagwoord kan by https://stbsp01.stb.sun.ac.za/innov/it/it-help/Wiki%20Pages/Change%20password.aspx gekry word.