Password security

• Why a stronger password?

• Creating a stronger password

• How to change your password for: network, RACF mainframe

Why a stronger password?

• Identity theft. Identity theft is rampant today. Nearly 10 million people in the United States were victims of identity theft in the last 12 months according to a recently released report from the Federal Trade Commission (FTC)

• Protects client information. We handle confidential client records everyday. It is our responsibility to ensure that this information doesn't fall into the wrong hands possibly resulting in personal or legal damages.

• Protects personal information. If someone learns your password, that person becomes you. They can garner confidential information about you, your family or information in your personnel files.

• System clog. A weak password can allow hackers to enter the system and clog it with computer worms and viruses. This can halt the flow of work, delete vital information and even shut down the system all together

• Unauthorized internal access. Often unauthorized access comes from inside a workplace. Nearly 80 percent of all information security breaches and resulting losses originate from inside an organization according to recent FBI data.

• Easily cracked. Weak passwords are easy to crack. A six-character password with both numeric and alpha characters has 2,176,782,336 possible combinations. An eight-character password has 1296 times more possibilities 2,821,109,907,456. This means that if a cracker can get to a password file and break a 6-position password in 1 hour, it would take 1,296 hours to break an 8-position password. Of course if the password contains a dictionary word the password search for the cracker only takes a few minutes.

• Current standards too low. Federal and state rules require stronger security. Compared to government requirements, the current DHS password standards are too low. Also, recent audit findings require us to develop more secure information systems. Successful implementation of the password policy will bring us closer to industry standards.

Creating a Strong Password

• Be 8 characters long

• Be a combination of numeric and alpha characters

• Not contain dictionary words

• Not contain your easily identifiable personal information

• Be meaningful to you

• Be kept secret

• Be changed every 60 days

Examples of how you can create a stronger password

• Pick a family member or friend's initials and birth year (but not your own)

• Sarah Jessica Frazier Parker sjfp

• Now include the year they were born 1962

• New stronger password s1j9f6p2 or 19sjfp62

Password using an address

• Passwords using songs

• Pick a line from your favorite song.

• Oh say can you see! oscys

• Add the number of your troop or unit 932

• New stronger password oscys932 or 9osc3y2s

Passwords using a phrase

• I love my 57 chevy pickup truck

• New stronger password ilm57cpt or ilmcpt57

How to change your password

Novell Network

• press ctrl-alt-delete

• click on the Change Password button

• enter your current password

• press tab, key in your new password

• press tab, re-key your new password to confirm and click OK

RACF Mainframe

• key in your USERID

• press tab, key in your password

• press tab until your cursor is in the New Password field

• key in your new password

• press the enter key

• Some client/server applications like TRACS, FACIS, etc., require the password to be identical to your mainframe password. You will need to go into these systems individually and change your password there as well.

• If you are a TRACS or remote laptop user for Oregon Access, your password must lead with an alpha character.

• If you use your number keypad (located to the right side of your keyboard) when creating and/or entering your password, it must be "on" for the system to register the numeric characters.