Concordia University

http://www.concordia.ca/content/shared/en/news/main/stories/2017/02/01/does-your-concordia-password-pass-the-test-iits.html

Does your Concordia password pass the test?

These new regulations are designed to safeguard university accounts
February 14, 2017
|
Source: IITS

cyber-data-security-620


From banking to shopping, most of our day-to-day transactions can now be accomplished with the click of a mouse. While convenient, this also makes our personal information vulnerable.

Michel Robitaille, director of IT architecture, security and planning at Concordia, says strong passwords are often the only barrier between us and the outside world.

“They protect us against everything from credit card fraud to identity theft,” he says.

But while solid passwords help keep unwanted eyes from seeing your private information, Robitaille warns that hackers have become efficient at breaking them.

“Hacking programs have been designed to run through entire dictionaries of words and all available characters as a means of accessing accounts.”


‘We needed to put up additional barriers’

To combat this, on February 22, Concordia will be joining numerous other institutions in increasing password complexity requirements and implementing new account lockout procedures.

Currently, Netname user passwords are required to be eight to 16 characters long and must contain one upper-case letter, one lower-case letter or one number. Special characters are prohibited and there is no account lockout feature for multiple failed password attempts.

“More universities are being targeted by increased IT security risks and improved hacker technology. We needed to put up additional barriers to make it harder for illegitimate users to gain access to accounts,” Robitaille explains.

Moving forward, passwords must contain one upper case letter, one lower case letter, one number and one non-alphanumeric character (example: @, $, *). Netnames and display names will also be prohibited from being used in passwords.
 

Combatting cyberattacks

Concordia will not prompt existing users to change their passwords, but it is highly recommended that they do so after February 8. At that time, those who need to reset their password will automatically be required to meet the new requirements.

In addition to password complexity, multiple failed password attempts will now lock you out of your account. The aim? To combat coordinated cyberattacks.

“You get five tries to log in to your account. If all of your attempts fail you will be locked out for 15 minutes,” Robitaille says.

Don’t worry, though. If you need immediate access to your account, you can contact the IITS Service Desk at 514-848-2424, ext. 7613.


Bonus password protection tips

Always keep your password a secret. Don't share it, and don't write it down. Use a password for your Concordia account that is different from your other accounts like online banking and social media. It is best to choose a unique password for each site that requires a login.


Find out how to change your
Concordia Netname password.

Learn more about IT security.

 



Back to top

© Concordia University