|
|
# Changing your Password
|
|
|
|
|
|
This page is only for SESYNC employees and postdocs (people with an @sesync.org email address). Researchers and other external collaborators looking to change their password should take a look at our research support site: https://cyberhelp.sesync.org
|
|
|
|
|
|
**Important**: we will NEVER ask for your password. Any email or phone call you to receive pretending to be SESYNC IT staff and asking for your password is fraudulent. Ignore it and talk to SESYNC IT staff if you have any concerns.
|
|
|
|
|
|
## Password policy
|
|
|
|
|
|
In accordance with university policy **SESYNC Users must change password every 180 days**
|
|
|
|
|
|
* You will receive email reminders starting 14 days prior to the expiration of your password.
|
|
|
|
|
|
**Your password should contain:**
|
|
|
|
|
|
* at least 8 characters
|
|
|
* at least 1 lower-case character
|
|
|
* at least 1 upper-case character
|
|
|
* at least one symbol or number
|
|
|
* Your password cannot be one you used before
|
|
|
* Your Password cannot contain any part of your name or username.
|
|
|
* You may not reuse old passwords
|
|
|
|
|
|
**Picking a strong password**
|
|
|
|
|
|
Choosing a password that’s easy to remember yet strong enough not to be easily guessed can often be difficult, there are a few tricks to make this simplier
|
|
|
|
|
|
* Don’t use one word with extra characters, often times it makes it difficult to remember and doesn’t really protect you
|
|
|
* Longer passwords are better.
|
|
|
* Pick a phrase or saying that’s memorable to you, but not common.
|
|
|
* Don’t reuse passwords
|
|
|
* If you use a password manager (See Below), let it handle creating passwords for you.
|
|
|
* For a humorous look at how not to pick a password: [xkcd](http://xkcd.com/936/)
|
|
|
|
|
|
## How to Change your password
|
|
|
|
|
|
There a few ways to change your SESYNC password using either your web browser or SESYNC issued Windows PC.
|
|
|
|
|
|
You also cannot change your password more than once in a 24hr period. If you need to reset your password in this scenario, pleas see the IT staff
|
|
|
|
|
|
### Use our internal password changer website.
|
|
|
|
|
|
**NOTE:** Business office personnel cannot use this service, please use the **Change your passord using your Windows PC** steps below
|
|
|
|
|
|
https://password.sesync.org
|
|
|
|
|
|
* This website is only available from a SESYNC network or SESYNC VPN.
|
|
|
|
|
|
### Change your password using your Windows PC.
|
|
|
|
|
|
1. After logging in, press ctrl-alt-delete and select **Change Password**
|
|
|
2. In the password form, make sure the first line lists **SESYNC\\<yourusername>**
|
|
|
* Enter your old password, followed by the new password you would like to use.
|
|
|
|
|
|
### Walk back and visit.
|
|
|
|
|
|
* Feel free to walk back and ask Bill or Tyler to assist you in changing your password.
|
|
|
|
|
|
### MacOS Folks
|
|
|
|
|
|
On MacOS, the laptop/desktop login password needs to be updated to match your SESYNC password.
|
|
|
Please follow the instructions below to perform this operation:
|
|
|
|
|
|
[[How to Change the MacOS login Keychain Password]]
|
|
|
|
|
|
## Managing and Remembering Passwords
|
|
|
|
|
|
We recommend using a password manager to store your passwords. Password managers are services that allow you to securely store all of your passwords and encrypt them using just one password. This allows you to easily use a different password for each bank, email and shopping site you log into. Under no circumstances should you store your password in a word document, Excel file, text file or elsewhere unencrypted on your Computer. A password protected word document doesn’t count its not secure.
|
|
|
|
|
|
To make this a bit easier there are two ways to manage passwords, first is to use a cloud service that has browser plugins which will automatically fill in passwords, (don’t let your browser save your password, its not secure). LastPass listed below is a cloud service that we’ve found to be secure and easy to use. The second option is to keep an encrypted copy of your password in a local password vault. KeePass2 listed below is software that does this.
|
|
|
|
|
|
- LastPass : https://lastpass.com/
|
|
|
- KeePass2: http://keepass.info/
|
|
|
|
|
|
For more information, visit [this information page](http://www.us-cert.gov/ncas/tips/ST04-002) at US-CERT. |
|
|
\ No newline at end of file |