Create a Strong Passphrase: Difference between revisions

From howdoi
No edit summary
No edit summary
Β 
(14 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{abox
{{AboxNew
| name Β  Β  Β  Β  = Set a Good Passphrase?
| name = Create a Strong Passphrase
| summaryΒ  Β  Β  = Tips and requirements for coming up with your RCS Passphrase.
| learning = Β 
| for_employees = Y
| instruction = Β 
| for_studentsΒ  = Y
| community = x
| for_parentsΒ  = Β 
| summ = How to create a strong and secure passphrase
| cat1Β  Β  Β  Β  Β  =Β  Classroom technology and systems
| maintained = MR
| cat2Β  Β  Β  Β  Β  =
| year = 2024-2025
| maintained Β  = MR
| year Β  Β  Β  Β  = 2018-2019
}}
}}
__TOC__


== RCS Password to Passphrase New Policy ==
==Passphrase Security==
* RCS current password policy: 8 character minimum with at least one lowercase letter, uppercase letter a digit and/or special character.
* RCS update password policy: 12 character passphare.
Β 
Folks will have to do a longer password the next time they change it. and I think we should use the term "passphrase" to punctuate the point that it should be looooooong
Β 
== Laptop vs. RCS Passphrase ==
Β 
If you have a laptop or home computer, you'll have an admin password for it. This may be different from your RCS Passphrase. Resetting one does not reset the other; you'll have to change both if you want them to be the same.
Β 
== Passphrase Security ==


You should '''never give out your Passphrase''' to anyone. You should '''never write down your Passphrase'''. You should '''never e-mail your Passphrase''' to yourself for safekeeping. You should only '''memorize it.''' If you forget a Passphrase, a member of the tech department can reset it, but it is not possible for us to look up your Passphrase.
You should '''never give out your Passphrase''' to anyone. You should '''never write down your Passphrase'''. You should '''never e-mail your Passphrase''' to yourself for safekeeping. You should only '''memorize it.''' If you forget a Passphrase, a member of the tech department can reset it, but it is not possible for us to look up your Passphrase.
Line 27: Line 16:
If something damaging or inappropriate is done using your account, it will appear as though you committed the action -- whether or not you were in fact involved. The technology department and the school administration will have no choice but to act as if you were the perpetrator. Therefore, you must be extremely diligent in protecting your passwords.
If something damaging or inappropriate is done using your account, it will appear as though you committed the action -- whether or not you were in fact involved. The technology department and the school administration will have no choice but to act as if you were the perpetrator. Therefore, you must be extremely diligent in protecting your passwords.


== RCS Passphrase ==
==RCS Passphrase==


Your RCS account is the username and Passphrase combination you use to log in to any computer on the RCS campus.Β  This combo will also gain you access to your WiFi, Google Apps (gmail, calendar, etc.), Schoology, printing, and all other Riverdale sites.Β  Β 
Your RCS account is the username and Passphrase combination you use to log in to any computer on the RCS campus.Β  This combo will also gain you access to your WiFi, Google Apps (gmail, calendar, etc.), Schoology, printing, and all other Riverdale sites.Β  Β 


=== Passphrase Expiration Period ===
==Passphrase Requirements==
Β 
'''Your Passphrase expires 13 months after you set it.''' This allows you to return to campus after summer vacation and use the same Passphrase you had before you left.
Β 
We warn you via email to change your Passphrase one month prior to expiration. '''Whether or not you see the warning, your Passphrase will expire after 13 months.'''
Β 
'''We strongly recommend that you reset your RCS Passphrase before it expires.'''
Β 
=== How do I Know if My Passphrase Expired? ===
Β 
Symptoms of this include:
* Inability to log into our wireless network
* Inability to log into campus computers
* Inability to log into myRiverdale, Okta, RCS Gmail, or other RCS online resources
Β 
== What's a good Passphrase? ==
Β 
Contrary to popular belief, '''the complexity of your Passphrase is not its most important feature'''.
Β 
Here are the three steps to create a great password:
# Make it as long as possible, we recommend more than 15 characters.
# Don't make it a word that you can look up in the dictionary
# Don't use common substitutions
#* Using a word like password ($ for s, 0 for o) to create a password like p@$$w0rd? Bad idea. Way too easy to crack.
Β 
== Passphrase Requirements ==


We strongly encourage you to make a long passphrase that contains multiple words that are meaningful to you with a few digits thrown in.
We strongly encourage you to make a long passphrase that contains multiple words that are meaningful to you with a few digits thrown in.
Line 62: Line 26:
The passphrase must:
The passphrase must:


contain 12 or more characters (we recommend longer than the minimum length)
* contain 12 or more characters (we recommend longer than the minimum length)
not contain your first name, last name or username
* not contain your first name, last name or username
be different from a previous passphrase you've used at RCS
* be different from a previous passphrase you've used at RCS
contain at least one lowercase letter, uppercase letter, digit
* contain at least one lowercase letter, uppercase letter, digit


Expired RCS passwords cannot be reset to a previous password... but you can alter a previous one slightly to make a new one! Adding a number or character to the end is an easy way to accomplish this.
Expired RCS passwords cannot be reset to a previous password... but you can alter a previous one slightly to make a new one! Adding a number or character to the end is an easy way to accomplish this.
Line 71: Line 35:
'''We recommend you use this site to check your Passphrase complexity before setting it: [http://howsecureismypassword.net/ How secure is my Passphrase?]'''
'''We recommend you use this site to check your Passphrase complexity before setting it: [http://howsecureismypassword.net/ How secure is my Passphrase?]'''


== Setting an RCS Passphrase ==
===Passphrase Expiration Period===


This is done in myRiverdale. [[Use myRiverdale (aka Okta)?|Click here for full instructions]].
'''Your Passphrase expires 13 months after you set it.''' This allows you to return to campus after summer vacation and use the same Passphrase you had before you left.


== Necessary next steps ==
We warn you via email to change your Passphrase one month prior to expiration.
The emails will have a subject line of this form, "RCS domain passphrase for jappleseed27 will expire in 20 days." '''Whether or not you see the warning, your Passphrase will expire after 13 months.'''


Once you change your RCS Passphrase, you'll need to make some other changes to your devices. For each device you might use, here's what you should check and change:
'''We strongly recommend that you reset your RCS Passphrase before it expires.'''


* WiFi
===How do I Know if My Passphrase Expired?===
* Saved credentials for printers on campus. See instructions for changing [https://knowledge.riverdale.edu/index.php?title=Direct_Wireless_Printing/Changing_Password here]
* Password in the settings for your mobile device
* Passwords saved in web browsers


= How Can I Get Help? =
Symptoms of this include:
Still can't log in? Do any of the following:
* Enter a support ticket @ [https://support.riverdale.edu support.riverdale.edu]
* Call x50
* Visit the Hill System Room (basement of Mow)
* Visit the River Tech Office
* Visit the helpdesk on either campus


*Inability to log into our wireless network
*Inability to log into campus computers
*Inability to log into myRiverdale, Okta, RCS Gmail, or other RCS online resources


<!--
==What's a good Passphrase?==
===On a Managed PC on campus===


# While logged into Windows, press Ctrl - Alt - Delete on your keyboard. This will bring up the Windows Security screen.
Contrary to popular belief, '''the complexity of your Passphrase is not its most important feature'''. Β 
# Click the button for "Change Password..."
# Enter your old password, then enter your new password twice -- once to set it, and once to confirm it. Click "OK."
# As long as your password meets the requirements outlined above, the change should work. If not, try it again. To quit without saving a new password, click "Cancel."


===On a Macintosh===
Here are the three steps to create a great password:


'''Method 1 - Forced Change'''
#Make it as long as possible, we recommend more than 15 characters.
#Don't make it a word that you can look up in the dictionary
#Don't use common substitutions
#*Using a word like password ($ for s, 0 for o) to create a password like p@$$w0rd? Bad idea. Way too easy to crack.


If you are informed that your password will expire in a certain number of hours or days, please continue to use the machine. After your password expires, the Macintosh will automatically pop-up a window ''the next time you attempt to login'' which will allow you to change your password right then and there. Please follow the RCS account password requirement rules above in forming your new password. You will not be allowed to login until you have entered a correctly formatted password.
==Setting an RCS Passphrase==


'''Method 2 - Deliberate change'''
This is done in myRiverdale. [[Use myRiverdale (aka Okta)?|Click here for full instructions]].


If you wish to change your password at any time after you have logged in to the Mac, click the System Preferences icon in your Dock then choose the Accounts preference:
==Necessary next steps==


[[Image:AcctPP2.jpg]]
Once you change your RCS Passphrase, you'll need to make some other changes to your devices. For each device you might use, here's what you should check and change:


Click the Change Password button:
*WiFi
*Saved credentials for printers on campus. Please see our [[Update Your RCS Passphrase|instructions for changing your passphrase]].
*Password in the settings for your mobile device
*Passwords saved in web browsers


[[Image:ChPass.jpg]]
==Laptop vs. RCS Passphrase==


Enter a new password and verify it. Please follow the RCS account password requirement rules above in forming your new password.
If you have a laptop or home computer, you'll have an admin password for it. This may be different from your RCS Passphrase. Resetting one does not reset the other; you'll have to change both if you want them to be the same.
'''NOTE:''' Information typed into the Password Hint box is discarded and never used.
Click the blue Change Password button.


[[Image:ChPassWin.jpg]]
==How Can I Get Help?==
Β 
Still can't log in? Do any of the following:
If you click the little key icon [[Image:PwKey.jpg]] to the right of the New Password field, the Password Assistant will come up with a password for you. Clicking the disclosure triangle presents other choices:
Β 
[[Image:PwHints2.jpg]]Β  [[Image:PwHints3.jpg]]
Β 
Make sure you select the password type '''Memorable''' to have a password created which should match the RCS account password requirements as explained above. Cut and paste the password twice into the appropriate fields, then click the blue Change Password button.


-->
*Enter a support ticket @ [https://support.riverdale.edu support.riverdale.edu]
*Call x50
*Visit the Hill System Room (basement of Mow)
*Visit the River Tech Office
*Visit the helpdesk on either campus

Latest revision as of 10:42, 8 August 2024

Howdoi Banner.png
People Graphic.png
Learning Instruction Community
Check Mark Graphic - Unchecked.png Check Mark Graphic - Unchecked.png Check Mark Graphic.png
SummaryHow to create a strong and secure passphrase
AuthorMaintained by Matt Ringh
HelpGet help with this article
StatusUp-to-date for the 2024-2025 school year.

Passphrase Security

You should never give out your Passphrase to anyone. You should never write down your Passphrase. You should never e-mail your Passphrase to yourself for safekeeping. You should only memorize it. If you forget a Passphrase, a member of the tech department can reset it, but it is not possible for us to look up your Passphrase.

If something damaging or inappropriate is done using your account, it will appear as though you committed the action -- whether or not you were in fact involved. The technology department and the school administration will have no choice but to act as if you were the perpetrator. Therefore, you must be extremely diligent in protecting your passwords.

RCS Passphrase

Your RCS account is the username and Passphrase combination you use to log in to any computer on the RCS campus. This combo will also gain you access to your WiFi, Google Apps (gmail, calendar, etc.), Schoology, printing, and all other Riverdale sites.

Passphrase Requirements

We strongly encourage you to make a long passphrase that contains multiple words that are meaningful to you with a few digits thrown in.

The passphrase must:

  • contain 12 or more characters (we recommend longer than the minimum length)
  • not contain your first name, last name or username
  • be different from a previous passphrase you've used at RCS
  • contain at least one lowercase letter, uppercase letter, digit

Expired RCS passwords cannot be reset to a previous password... but you can alter a previous one slightly to make a new one! Adding a number or character to the end is an easy way to accomplish this.

We recommend you use this site to check your Passphrase complexity before setting it: How secure is my Passphrase?

Passphrase Expiration Period

Your Passphrase expires 13 months after you set it. This allows you to return to campus after summer vacation and use the same Passphrase you had before you left.

We warn you via email to change your Passphrase one month prior to expiration. The emails will have a subject line of this form, "RCS domain passphrase for jappleseed27 will expire in 20 days." Whether or not you see the warning, your Passphrase will expire after 13 months.

We strongly recommend that you reset your RCS Passphrase before it expires.

How do I Know if My Passphrase Expired?

Symptoms of this include:

  • Inability to log into our wireless network
  • Inability to log into campus computers
  • Inability to log into myRiverdale, Okta, RCS Gmail, or other RCS online resources

What's a good Passphrase?

Contrary to popular belief, the complexity of your Passphrase is not its most important feature.

Here are the three steps to create a great password:

  1. Make it as long as possible, we recommend more than 15 characters.
  2. Don't make it a word that you can look up in the dictionary
  3. Don't use common substitutions
    • Using a word like password ($ for s, 0 for o) to create a password like p@$$w0rd? Bad idea. Way too easy to crack.

Setting an RCS Passphrase

This is done in myRiverdale. Click here for full instructions.

Necessary next steps

Once you change your RCS Passphrase, you'll need to make some other changes to your devices. For each device you might use, here's what you should check and change:

Laptop vs. RCS Passphrase

If you have a laptop or home computer, you'll have an admin password for it. This may be different from your RCS Passphrase. Resetting one does not reset the other; you'll have to change both if you want them to be the same.

How Can I Get Help?

Still can't log in? Do any of the following:

  • Enter a support ticket @ support.riverdale.edu
  • Call x50
  • Visit the Hill System Room (basement of Mow)
  • Visit the River Tech Office
  • Visit the helpdesk on either campus