Gold University of Minnesota M. Skip to main content.University of Minnesota. Home page.
CSE Home | One Stop | Directories | Search U of M  
 
 

What's inside.
Account Management

CSE Wiki

E-mail

Hardware and Media

Network and Wireless

Offsite Access

Printing

Processes

Security and Passwords

Software and Tools

Systems Staff

Web Development

 

Help Home

CSE Home

 
 
 
 
 
 
  Home > Passwords and Security > User Security

User Security

  • Do not share your account or password

    Your username identifies you to the CS, IT and University communities, and to the Internet community as a whole. You are solely responsible for how your account is used, regardless of whether or not you have given another person permission to use your account.

    If someone needs access to IT resources, even on a temporary basis, then that person should contact Systems Staff and arrange for his/her own account.

    If someone else offers you use of an account for which you do not have authorization, decline. Also, if you discover someone else's password, do not use it. In either case, you should report the event to the Systems Staff operator.

  • Make a good password and keep it secure.

    Anyone who knows your password can use your account.

    1. Change your password often.
    2. Avoid writing it down where someone else can find it. Remember, if you loose the piece of paper that you wrote your password on, you need to change the password immediately.
    3. Do not use the same password for multiple accounts. Your account is only as secure as the least secure account it shares a password with. Many web and chat accounts do not use high encryption for their passwords, or send the password to the user in plain text emails.
    4. Do not send your password over email. Email is plain text, and completely insecure. System Staff will never ask you for your password via e-mail, IRC, or any other form of online communication. If someone claiming to be a sysadmin asks for your password via an online method, be immediately suspicious and notify the Systems Staff Operator as soon as possible.
  • Lock your workstation when you leave the lab.

    If you leave your workstation unattended and unlocked while you are logged in, anyone who sits down at the keyboard can use your account. Locking the workstation allows you to enter your password to unlock it when you return. Do not leave the workstation locked and unattended for more than 15 minutes. You may return to find yourself logged out.

    UNIX: Use the "xlock" command at the prompt (type "man xlock" for more information).
    Windows: Press the "ctrl" "alt" and "del" buttons together, and select the "lock workstation" option.

  • Do not circumvent, or attempt to circumvent, system security settings.

    Use of your account to subvert or change the system endangers the security of the entire network. Any attempt will be interpreted as a hostile action and your account will be closed. Reactivation of your account may require that you explain your actions to the Associate Dean of Student Affairs and/or an ITICC member. This wastes everyone's time and creates hard feelings; don't do it.

  • Report any problems or unusual behavior to the Systems Staff Operator or the lab consultant on duty.

    The sooner a problem is known about, the sooner it can be fixed.

  • Check your account for signs of unauthorized use (theft of service).

    Some indications include files you didn't create, directories with unusual names (like " "), wildcard entries in your ~/.rhosts file, and last login times you don't recognize.

Systems Staff is available to answer questions and address problems.

 
©2009 Regents of the University of Minnesota. All rights reserved. Contact U of M | Privacy
The University of Minnesota is an equal opportunity educator and employer.   Last modified on August 9, 2007
CSE Online Help