About The Gazette Search Back Issues Contact Us    
The newspaper of The Johns Hopkins University September 26, 2005 | Vol. 35 No. 4
Why Change Your Password?

A letter to all affiliates from Johns Hopkins Enterprise Network Services

When was the last time you changed your password? If you're like most of us, it's been more than six months. For others, it may have been years. In any case, changing passwords on a regular basis is important for ensuring that your account is secure.

Over the last several months and years, we have seen a rise in the number of attacks on systems and data. What's more, the attacks are more serious. Loss or compromise of private data is not only embarrassing, it can create financial and legal liabilities. Moreover, accounts protected by your password often contain personal information about you. An e-mail password is the key to all the e-mail in your inbox and outbox. Most of us would like to keep intruders away from our files and correspondence. Good password practices, such as choosing hard-to-guess passwords and password changes, are instrumental in good security.

Because of the impact that strong passwords--for example, scrambled letters and numbers--have on the security of information at the institutions, new password policies were enabled for the Johns Hopkins Enterprise Directory, or JHED, in March 2005. The new policy states:

  • Passwords should change every six months.

  • They should be a minimum of eight characters.

  • Passwords should contain at least two numbers and two letters.

  • Nearly everyone affiliated with Johns Hopkins has a JHED account. JHED accounts are used to access a large number of computer resources including JH-Secure VPN, wireless network access, GroupWise and JHEM e-mail, e210, effort reporting, WebIRB, financial Web reporting, Web registration, Windows logon (active directory) and many others. The list of applications using JHED for authentication is growing all the time and will include HopkinsOne as well as the Internet Student Information System, known as ISIS.

    From now on, your password will expire six months after it was last changed. You may choose to change your password prior to expiration or you can wait the full six months and let the password expire. In either case, you can change your password by going to log in (even with your expired password) and follow instructions.

    When your password is about to expire, you will receive e-mail notifications 21 days prior to expiration, 14 days prior to expiration, seven days prior to expiration and every day within three days of expiration. You must have an e-mail address listed in JHED to receive the notifications. To add or change your e-mail address in JHED, go to

    For detailed instructions on how to change your password, go to

    If you need additional assistance, contact or the Help Desk at 410-516-HELP or 410-955-HELP.


    The Gazette | The Johns Hopkins University | Suite 540 | 901 S. Bond St. | Baltimore, MD 21231 | 443-287-9900 |