|
From
the Experts
A regular section in AnteaterNews, “From the Expert” highlights
various areas
relating to your UCI student. Different topics will be covered in each issue.
UCI Identity Security
By Stephen D. Franklin, Director of Academic Outreach, Network & Academic Computing Services
With all the (much needed) popular press coverage of "identity theft" and "ID security," it is sometimes easy to overlook simple steps that a UCI student can take to safeguard access to his/her UCI electronic identity as embodied in his/her UCInetID.
Each UCI student, faculty, and staff member has his/her own UCINetID. Together with a personally chosen password, it provides access to the full range of UCI online services: e-mail, course websites, registering for courses, the campus wireless network, etc. A person&rssquo;s UCInetID and password is how that person is identified as a member of the UCI community. Anyone who knows someone's UCInetID and password can effectively “be” that person in terms of online presence and actions. The possibilities for mischievous and even malevolent misrepresentation are obvious and not merely hypothetical.
So what is a student to do? Fortunately, there are some relatively simple steps to take which greatly limit risk, although risk can never be eliminated entirely. Here they are.
- Don’t share your password.
A surprising (and distressingly large) number of people allow others else to use their passwords because it is “convenient” or “friendly” or “something you do because you trust the person.” Even “trustworthy” people may write down something they don’t use regularly and if a password’s owner thinks “sharing it with a friend” is OK, well that friend may follow the example and “share” it with another friend and …
- Pick a password that is easy for you to remember but that (a) doesn’t appear in any dictionary and (b) would be very hard for anyone to guess.
“Mixtures of upper and lower case letters with numbers and special characters” is the standard advice, but how can that be easy for you to remember? One way is to build from some phrase or other thing you can remember or want to learn to remember. “Mary had a little Lamb, whose Fleece was white as Snow” can be come “Mha1L,wFwwaS” with nouns capitalized and the “l” in “little” changed to a “1.”
- Use different passwords for different logins/accounts.
The passwords need not be radically different. Instead of a "little Lamb" (“1L”), Mary might have a “small Cat” (“5C”), and it might be “Jerry” (“J”) instead of “Mary” (“M”).
There are other rules for “good password practices” (just google “good password practices”), but these three are a very good package in themselves. The first states something whose obviousness makes emphasizing it all the more important. The second two invite and emphasize a certain
amount of thought and a concomitant “security awareness” about a too commonly compromised component of ID security.
< Return
to Previous Page |
