Why Change Your Password?
A letter to all affiliates from Johns Hopkins Enterprise
Network Services
When was the last time you changed your password? If
you're like most of us, it's been more than six months. For
others, it may have been years. In any case, changing
passwords on a regular basis is important for ensuring that
your account is secure.
Over the last several months and years, we have seen a
rise in the number of attacks on systems and data. What's
more, the attacks are more serious. Loss or compromise of
private data is not only embarrassing, it can create
financial and legal liabilities. Moreover, accounts
protected by your password often contain personal
information about you. An e-mail password is the key to all
the e-mail in your inbox and outbox. Most of us would like
to keep intruders away from our files and correspondence.
Good password practices, such as choosing hard-to-guess
passwords and password changes, are instrumental in good
security.
Because of the impact that strong passwords--for
example, scrambled letters and numbers--have on the
security of information at the institutions, new password
policies were enabled for the Johns Hopkins Enterprise
Directory, or JHED, in March 2005. The new policy
states:
Passwords should change every six months.
They should be a minimum of eight characters.
Passwords should contain at least two numbers and two
letters.
Nearly everyone affiliated with Johns Hopkins has a
JHED account. JHED accounts are used to access a large
number of computer resources including JH-Secure VPN,
wireless network access, GroupWise and JHEM e-mail, e210,
effort reporting, WebIRB, financial Web reporting, Web
registration, Windows logon (active directory) and many
others. The list of applications using JHED for
authentication is growing all the time and will include
HopkinsOne as
well as the
Internet Student
Information System, known as ISIS.
From now on, your password will expire six months
after it was last changed. You may choose to change your
password prior to expiration or you can wait the full six
months and let the password expire. In either case, you can
change your password by going to
jhed.johnshopkins.edu/ChangeMyPassword log in (even
with your expired password) and follow instructions.
When your password is about to expire, you will
receive e-mail notifications 21 days prior to expiration,
14 days prior to expiration, seven days prior to expiration
and every day within three days of expiration. You must
have an e-mail address listed in JHED to receive the
notifications. To add or change your e-mail address in
JHED, go to
jhed.johnshopkins.edu/MyInfo.
For detailed instructions on how to change your password,
go to
jhed.johnshopkins.edu/PasswordHelp.
If you need additional assistance, contact jhed@jhmi.edu or the Help
Desk at 410-516-HELP or 410-955-HELP.
GO TO SEPTEMBER 26,
2005
TABLE OF CONTENTS.
GO TO THE GAZETTE
FRONT PAGE.
|