Did you know that having an insecure password, clicking on an unknown email attachment or not having up-to-date software could make it possible for someone to…
- …Read all your email or instant messages?
- …View your grades or change your course schedule?
- …Read or change anything on your computer?
- …Read or change anything accessed from your computer?
- …Turn on your computer’s microphone to listen in on conversations?
- …Use your computer for a computer crime for which you may be blamed?
Did you know that University of Idaho computers are scanned constantly from around the world by people looking for computers whose operators have made these mistakes?
The University of Idaho network is “scanned” approximately 450,000 times a day by individuals outside of the university network. This averages to be about 50-60 scans on EVERY computer on the network EVERY day. As an analogy…what type of security would you want for your house if a burglar checked your door 50-60 times a day trying to break-in? Did you also know that the security of your account and computer is largely dependent on how your co-workers and fellow students use their computer and accounts?
The University of Idaho relies on highly secure computing systems for everyday work. This includes sending and receiving email, registering for classes, paying for classes online, sharing documents and files with co-workers and many more critical activities. Having a secure password not only allows you to be safe when computing at the UI but it also keeps your account from being used for illegal activities without your knowledge.
When a single account is compromised on a system it increases the potential to have all accounts on the system compromised. Since you are responsible for your account and password you may be considered responsible for illegal break-in attempts to other accounts.
Even though you may not consider your email, class registration or work activities confidential, many security breaches can involve deletion or corruption of data, mass email (with potentially questionable material) sent from the account and, as mentioned before, the attempted use of the account for illegal break-ins on other systems or accounts.
To ensure the security of mission critical services at the university we have implemented password expiration. When a password expires you will be notified during login to obtain a new password. This was primarily done to make password “cracking,” or guessing, more difficult, but it was also done to comply with independent state auditors on their recommendation to expire passwords.
No, this is a “post-it note” myth. Although it is not recommended that you write down your password on a post-it note and hook it to your monitor, it is far better to have a secure password that may be a little more difficult to remember, than an easy to guess/crack password. Almost 100% of break-in attempts are executed through the computer network and NOT by physical access to a computer in a locked room.
- Use secure passwords for all of your accounts.
- Install Antivirus software and keep it up to date. Visit our AntiVirus software page to learn more.
- Install personal firewall software. Personal firewall software stops attempts from outside computers to connect to services on your machine (that you may not know you are running). Windows has a built in firewall that we recommend you enable. Contact your TSP or SysAd if you're an employee, or the Student Technology Center if you're a student.
- Do not click on unknown email attachments
- Keep your operating system up-to-date. Visit your vendor’s update sites often to check for security patches or allow applications to check for updates.