Benchmarks Online

Skip Navigation Links

Page One

Campus Computing

New and Improved Microsoft Elearning Titles Available to Faculty and Staff

TurnItIn.com: Don't Be Cheated On!

Pedagogy 101 for Distance Learning

Spring Break Hours

Today's Cartoon

RSS Matters

The Network Connection

Link of the Month

WWW@UNT.EDU

Short Courses

IRC News

Staff Activities

Subscribe to Benchmarks Online
    

Network Connection

By Dr. Philip Baczewski, Director of  Academic Computing and User Services

Why Strong Passwords?*

Since November, students and employees with a UNT Enterprise UserID (EUID) have been required to change or reset their password to a new value. The new passwords have required a mixture of upper case and lower case letters, numbers, and punctuation. In addition, passwords cannot consist of or contain words found in the dictionary or in use within conversational or technical language.

This change may lead to a number of questions. Why the strong passwords? Why this inconvenience? Why does this have to be so complex? Why should I care about passwords? For some time now, UNT has been working toward use of a single ID and password for access to the computing systems that students and employees use on campus. Because so much of our activities involve computers and information systems, we've been trying to avoid a proliferation of IDs and passwords which would make it even more difficult to keep track of what ID you use for what system. Students use their EUID to log into EagleMail, WebCT (for online courses), my.unt.edu (for registration, schedules, grades, etc.), Eaglenet (wireless network), UNT Student Storage (online file storage), and a number of other services.

The addition of my.unt.edu to the online tool set makes it particularly important to protect online access via your EUID. My.unt.edu is becoming the hub of a student's management of their educational experience at UNT. It's where you register, apply for financial aid, pay your tuition, view your grades, and maintain your personal information. It's a student's access to their University education. It also, by necessity, holds information that is unique to your identity. Such a resource is worth protecting.

Do passwords matter? The answer is yes. We've had computers on this campus which were broken into because a computer program was able to guess the password. Purdue University changed about 55,000 user passwords without notice because passwords had been compromised on their systems. George Mason University was in the news recently because their ID card system was broken into exposing 32,000 names and social security numbers to potential theft. A system at the University of Texas was broken into because they used social security numbers as the only basis for access, allowing thousands of people's personal information to be exposed to theft.

But, are strong passwords worth the inconvenience? Yes again. Do you lock your house or apartment? Do you lock your car? Do those locks prevent a determined individual from breaking into your home or auto? No, but the more difficult you make a break-in, the less likely it is that someone will spend the extra time or effort to break in. It's the same with computer security. Right now, it takes little computer effort to "crack" a password which is a common word or name. A strong password is a better lock on the door. It will make it a lot less likely that someone can break in. Just like in the physical world, virtual intruders will seek an easier target.

It's not really that hard to create a secure and memorable password once you've done it a few times. A couple of methods for doing so include interjecting special characters into words to make them unrecognizable to a dictionary match, interleaving two words or words and numbers, or taking the first letter of each word of a phrase. You might express your fan loyalty with "G0E@gles!", prove that oil and water do mix with "+oHi2lO+", or recall your childhood music lessons with "Egbdf!". (These are now some very public examples, so don't use them for your password.)

UNT is a leader among Texas universities in providing online education. Our General Access Lab system is the envy of many other schools. Our PeopleSoft EIS project, although still a work in progress, has been made functional in a shorter amount of time and with a lower budget than many other schools undergoing the same transformation. All of these efforts put UNT in the position of leading the way to the online world, rather than just trying to keep up. Part of that new online world includes a need to guard the door to keep it a secure and useful place.

The Internet is long past being a small town. Our Internet neighbors are as likely to be in Brazil as in Bedford. And not all our neighbors are friendly. We can't afford to leave the doors unlocked any more. This online world we're building holds your identity, your education, and perhaps your future. That's the reason for strong passwords.


* Reprinted with permission from the January 20, 2005 edition of the NT Daily.

 

Return to top