Today @ Colorado State has been replaced by SOURCE. This site exists as an archive of Today @ Colorado State stories between January 1, 2009 and September 8, 2014.

Announcements

New eID password policy for students, too

September 11, 2013

Longer, stronger passwords are easier to remember, easier to type, harder to hack.

When it comes to passwords, longer is stronger!

In April, CSU iimplemented a new policy to improve the strength of eID passwords. Stronger passwords are better at protecting CSU systems, protecting users from identity theft, and (believe it or not) make the eID easier to type and easier to remember.

Faculty and staff have changed to the new passwords; now it is time for students, associates and retirees -- anyone with a CSU eID -- to make the switch. ACNS will begin sending email reminders to anyone who has not changed to a 15-character on Monday, Sept. 16. Students will also receive alerts through RAMWeb.

Change once a year 

When it comes to hacking passwords, it's all about how many guesses it takes to get it right. That's why length is much more important than complexity when creating secure passwords. In other words, a password or "passphrase" made up of a series of short, easy-to-remember words (for example, "glib-horseman-podium") is much stronger than the kind of password we've been accustomed to recommending (for example, "X78vir$!"). And the first one sure is easier to type, even though it's longer.

What's also longer is the time between required password changes. Once you've changed to a longer password, it will be good for another year, rather than only six months as in the past.

 
Anyone can go to the eID password change website (http://eid.colostate.edu) and choose a longer password and feel secure about having a stronger password right away. Or you can wait until we notify you that you need to change. Either way, the password change tool will help you through the details and remind you of the rules. Remember, this is about increased security that's actually easier to use.

For more information, see the ACNS webpages:


For additional questions, feel free to contact Steve Lovaas, IT Security Manager in ACNS.


Contact: Steve Lovaas
E-mail: Steven.Lovaas@ColoState.edu
Phone: 970-297-3707