Summary
Information security and personal privacy concerns permeate our daily lives, as our everyday work and study is significantly tied to processing and manipulating various kinds of data with computer technology. The use of strong passwords will help protect your personal and college data.
Introduction
Technology Security Concerns
The tools used by people with malicious intent attempting to compromise or attack information technology systems, including those in your home or at Bellevue College, continue to improve and have evolved to include attacks on hardware, through software, and through social engineering (exploiting weak practices at the user level).
User account names and their associated passwords are the most desirable information gleaned by hackers attempting to misuse technology resources and protected information. A significant compromise for the password to any college system could put the college instructional and business systems at great risk.
Therefore, the college information security policies and their related procedures require the use of strong security passwords when using college computers or network resources. This is one of the key components providing essential security for all college technology assets and the sensitive employee and student data they store (this includes systems such as the MyBC Portal, or to systems processing student, personnel, payroll and HR information).
When not appropriately used, passwords can be the weakest link in any computer security scheme. Because of this, the careful use, selection and management of individual passwords are the first line of defense in assuring technology security on college systems.
Good Password Practices
Here are some additional best practices relating to passwords. Be sure to also review BC’s NetID password rules and standards.
- Generally, the more random the sequence of characters a password contains the more secure it will be
- Avoid obvious passwords. Do not use system ID numbers (SIDs), names of children, spouses, pets, favorite sports teams, birthdays, or similar personal things that others may be likely to know or have access to.
- Do not use anything that can be found in a dictionary. If you must use common words, mix them up logically (for example: toythree, MileWheel, sea2Tree). Or mix in special characters and numbers, or even intentionally misspell it (examples: guvnor1, 2gether).
- Make up an acronym based on a song, a sentence, poem or rhyme, then add a number and/or symbol. Examples:
- “I Saw Mommy Kissing Santa Claus” (Ismk$c)
- “The Check is in the Mail” (tciitM5)
- “Tennis, Anyone?” (10$ne1?)
- Change your network password before it expires every 120 days.
Protecting Passwords
- Change your password immediately if you think it has been compromised.
- NEVER write down your password and post it near the computer or monitor where you work.
- A written password is more easily discovered than one committed to memory.
- The judicious use of smartphone-based password management software and apps can be useful, provided the phone is kept physically secure and protected by a password or passcode.
- Do not share passwords with anyone–family, friends, co-workers; you alone are responsible for all actions taken using your user name and password.
- Users seeking assistance may sometimes share passwords with college technical support personnel, as necessary, to facilitate the support and maintenance of college technology assets. The expectation is that this type of access will be rare and treated sensitively by support personnel. A password shared in this manner should be changed privately by the user as soon as the needed work is completed.
- Never use your college network logon password for any other purpose, such as a home computer account.
- Use care when typing your password.
- Make certain no one is looking over your shoulder.
- Be courteous to others typing passwords; do not watch as they do so.
- Do not save your password electronically on your BC computer.
- Some application or website dialog boxes present an option to save or remember your password on the computer being used–Never select that option.