Password violations are the Number One security problem on networks today. This policy is designed to ensure that all College and individual data stored on the network are protected through reasonable and appropriate use of password security. Users who violate this policy will be held responsible for a breach of security and any impact this may have on the integrity of data or performance of the network.

An initial password is set for you at the time you receive your account; your password is set as your student ID. Novell Network, GroupWise e-mail, WebCT and NetStorage all use the same login and password.

Examples of activities which will jeopardize your privilege to access the College's computer resources include:

• Writing down your password and posting it in your work area
• Sharing your password with others
• Keying in your password for others to use
• Sending your password over the Internet or through e-mail
• Giving your password to an unknown person either in person or over the phone

The Computer/Network Security Policy outlines the consequences of making passwords available to other users.

Should a password be compromised, the owner should change his/her password immediately, to avoid future unauthorized access. Otherwise, passwords should be changed periodically, once every 6 months is our policy.

You can now reset your own password. To do this go to the following web site http://www.css.edu/x17901.xml from this page you will be able to configure your challenge questions to enable you to be able to do a password self reset, and actually change your password.

Authorized users of CSS computer networks and resources include faculty, staff, official guests and all currently registered students, both within the traditional campus and beyond. Temporary privileges will be given, as appropriate, for official guests at the College.

Password Policy Recommendations

Non-obvious passwords are more secure if they:

• Are at least 8 characters long and include at least one number
• Consist of a mixture of upper-and lower-case letters -or- special characters (!*&%$)
• Microsoft provides a free password quality checker here

• Passwords should be easy to remember so you don't have to write them down.
• Use letters from a phrase or song or something that is meaningful to you. For example; Mfswb@slh02 (My first son was born at st lukes hospital in 2002) or Ds2c2me! ( Don't stand to close to me!)
• Make a sentence: urOK4me* or iMin2h0ck$y

Examples of BAD Passwords:

• Any proper name (like smith or johnm)
• A place or proper noun (like duluth)
• Any word in the English or Foreign dictionary
• A street name, telephone number, license number
• A birthday or anniversary date
• Passwords with the same letter (like aaaaa)
• Simple patterns of letters from the keyboard (like qwerty)
• Any of the above spelled backward
• Any of the above followed by a single digit
• Easily associated with you or your interests

• Do not identify it as a password
• Do not attach it to ANY part of the computer or work area
• Make the written version different from the original
• Do not include the computer or account name

If you need assistance in changing your password or have any questions, please contact the Help Desk at extension 5911.