Presentation is loading. Please wait.

Presentation is loading. Please wait.

T OO M ANY P ASSWORDS ! Security Awareness Day Sept 29 th, 2009 Jack Schmidt.

Similar presentations


Presentation on theme: "T OO M ANY P ASSWORDS ! Security Awareness Day Sept 29 th, 2009 Jack Schmidt."— Presentation transcript:

1 T OO M ANY P ASSWORDS ! Security Awareness Day Sept 29 th, 2009 Jack Schmidt

2 A GENDA Passwords Today Upcoming Improvements Password Requirements Kerberos Fermi Domain Services IMAP VPN Password Recommendations/Help Creating your password Setting your password Remembering your passwords Forgot your Fermilab password? References Questions?

3 F ERMILAB P ASSWORDS T ODAY Fermi Domain IMAP Listserv SMTP VPN kerberos Exchange FTL Services Meeting Maker Service Desk

4 F ERMILAB P ASSWORDS S OON Services Kerberos/Fermi Domain Exchange Outlook IMAP Listserv SMTP FTL Meeting Maker Service Desk VPN

5 U PCOMING I MPROVEMENTS Update Application Authentication Identify and configure as many applications as possible to use KCA certificates Identify and configure as many applications as possible to use Services account Identity Management/Self Service Provide one place to set passwords across applications

6 F ERMILAB P ASSWORD R EQUIREMENTS

7 K ERBEROS P ASSWORD R EQUIREMENTS Minimum of 10 characters Two of the four character groups must be used. These groups include: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example # $ ^ & * % -., ) This password can be the same as your Fermi Windows domain password This password expires every 400 days

8 F ERMI D OMAIN P ASSWORD R EQUIREMENTS Minimum of 10 characters Three of the four character groups must be used. These groups include: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example # $ ^ & * % -., ) The password can not contain three or more consecutive characters from your username You cannot repeat your last 6 passwords Your password cannot contain your username or real name This password can be the same as your Kerberos password This password expires every 6 months

9 S ERVICES P ASSWORD R EQUIREMENTS Minimum of 10 characters Three of the four character groups must be used. These groups include: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example # $ ^ & * % -., ) Note: in most cases you could also use various quotes, brackets and parenthesis, but the self service web form does not support them. The password can not contain three or more consecutive characters from your username You cannot repeat your last 6 passwords Your password cannot contain your username or real name This password should be different from your Fermi Windows domain or Kerberos password This password expires every 6 months

10 IMAP P ASSWORD R EQUIREMENTS Minimum of 10 characters This password should be different from your Services, Fermi Windows domain or Kerberos password The IMAP service will be moved to Exchange and use your Services password soon!

11 VPN P ASSWORD R EQUIREMENTS Minimum of 8 characters Three of the four character groups must be used. These groups include: English uppercase characters (A through Z) English lowercase characters (a through z) Base 10 digits (0 through 9) Non-alphabetic characters (for example # $ ^ & * % -., ) This password should be different from your Services, Fermi Windows domain or Kerberos password The VPN service is changing Oct 1 st with a new web client that uses your Services password!

12 P ASSWORD R ECOMMENDATIONS /H ELP

13 S ETTING Y OUR P ASSWORD How Do I change My Password? Kerberos V5 (UNIX, FNAL.GOV realm) Kerberos V5 (Windows, FERMI.WIN.FNAL.GOV realm) Kerberos V5 (Windows, FERMI.WIN.FNAL.GOV realm) Services Account (This also changes your Exchange password) Services Account Mail server IMAP Password Taken from: vices/Accounts_and_Passwords

14 C REATING Y OUR P ASSWORD Use a cipher to build your passwords Wikipedia defines a cipher as: A cipher (or cypher ) is an algorithm for performing encryption or decryption — a series of well-defined steps that can be followed as a procedure. Follow the password requirements for length and character groups

15 C REATING Y OUR P ASSWORD Simple Cipher Example First three letters in caps First and last digits of ID (i.e. 41) Last three letters, lowercase Two odd characters Services password: SER 41 ces ;) SER41ces;)

16 R EMEMBERING Y OUR P ASSWORDS Commit passwords to memory Use the cipher method to create passwords This is the best way to prevent your passwords from being stolen Keep Them Safe! If you must write down passwords, store them in a secure place such as a locked drawer or in your wallet next to your credit card. Recommended tools A variety of password storage applications are available for your computer or smart phone. Look for products that support AES-256 encryption. CD does not recommend or support any specific products.

17 F ORGOT Y OUR F ERMILAB PASSWORD ? Service Desk Call 2345, 8-4:30 M-F. Reset kerberos, Fermi Windows Domain, Services and VPN account passwords Self Service: Self "Services Account" Password Reset tool Works for Services password Requires KCA

18 R EFERENCES Useful Reference Pages CD Account and Password Services Page: s/Accounts_and_Passwords Tune IT Up Page Password management tips under Helpful Links Questions & Answers section This talk: https://cd-docdb.fnal.gov:440/cgi- bin/ShowDocument?docid=3415

19 Q UESTIONS ?


Download ppt "T OO M ANY P ASSWORDS ! Security Awareness Day Sept 29 th, 2009 Jack Schmidt."

Similar presentations


Ads by Google