Mary Baldwin has an obligation to it’s users to protect information stored on our computer systems from unauthorized access. Some of this information can be very private in nature, like student records, phone numbers, addresses, Social Security Numbers and the like. Believe it or not, there are lots of people out in the world, and some right here on campus, who try to guess or “crack” passwords in order to snoop around. The kind of access people have to computers in an institution like ours, provides many opportunities for password cracking. By requiring people to change passwords every 90 days, we can make it more difficult for our passwords to be compromised and protect our information and systems!
In order to change your password, you will need to use the Password Change Form
(https://academic.marybaldwin.edu/sslscripts/password/password.asp). You will need your Mary Baldwin Username and your old password in order to change it. When choosing a new password, please remember to choose a strong password (see below for choosing a good password).
To reset your password, you will need to use the Password Doctor contact the Help Desk, M-F 8-4:30 at (540-887-7075). You will need to provide your Mary Baldwin Username, your Mary Baldwin ID Number and the last four digits of your SSN to reset the password to a default. Upon changing your password, the default will look something like this: _ _ _ _Yj3SqM (see note). Please remember that the four underscores at the beginning of the password MUST be replaced with the last four digits of your SSN.
What username/password do I use for which login screen?
In order to show what passwords to use, I’m going to use our good friend Johnny Smith to help with this.
Name: Johnny Reed Smith
Mary Baldwin ID #: 123458888
With this information, Johnny will get into the following accounts:
Mary Baldwin Webmail
You may not think your username and password really protects anything of value. So why would another person want to access your account? They may not know there is nothing of value on your machine. Or they may find information accessible from your account to be of value in a way you have never dreamed of. Or they may want to exploit your account to help gain access to more significant accounts. Remember, the computer system you use could potentially be accessed by anyone in the world via the Internet, and you share that computer system with other people.
So how do you select a good password? There are two major criteria: It should be hard to guess, and it should be easy to remember. Most people (maybe even you) tend to create passwords that are not very secure. Frequent passwords are the name of a spouse, child, pet, sports team, or a birth date followed by a number or exclamation mark. This kind of information is simply too easy to get or guess. In fact, it’s not a good idea to pick a password that is simply a dictionary word followed by a number or punctuation mark. If your current password fits this description, it should be changed.
So how can you pick a good password that is easy to remember? Here are some ideas.
Use two ordinary words separated by a special character or number, and mix the case. Examples include: Big$Card, My3Sons?. This approach provides more than 200 million possible passwords using 3- or 4- letter dictionary words.
You may also choose an acrostic-type password such as GL8tbbp meaning “Goldie Locks Ate The Baby Bear’s Porridge!” Additionally, a line of lyrics from a song or poem can provide an easy to remember sentence. For example, Ttl*HIw comes from “Twinkle, Twinkle Little star(*), How I Wonder…”
Pick a password you can remember. That way you won’t ever have to write it down. Be careful when you are entering your password to access a computer. Who else is around you that may notice your keystrokes? Also, don’t share the password to your individual account with a friend. That is not only a compromise of security (even if you trust them), it is a violation of Mary Baldwin Policy. Don’t even share your password with your supervisor or system administrator.
If you ever suspect that your password has become known to someone else, CHANGE IT IMMEDIATELY! It is a good idea to change your password regularly, just in case there has been an undetected password compromise. Be aware, security monitoring techniques may track any unauthorized activity back to your account. You are responsible for your account security.
Finally, if you suspect that someone else’s password has been compromised, either communicate it to that person, or call the Mary Baldwin HelpDesk. The system administrator can arrange for the password to be changed the next time the user accesses the system.