Can’t log in? 752-RSET it
September 11, 2006
DeKALB | NIU students need to change their Z-ID password every 130 days because of security issues.
While some students may find this an annoyance, Information Technology Services finds it necessary to prevent possible security breaches.
Why all the changes?
The key to NIU’s technology resources is the Z-ID password. Elizabeth Leake, associate director of ITS, said she believes careful management of passwords is the best defense against hackers. She said on behalf of the university, ITS ensures rigid audit requirements are made by making sure user passwords are eight-character alpha-numeric combinations and that said passwords expire after 130 days.
The security of students’ passwords is important because they hold access to personal information, computational power and bandwidth, which are the most desirable commodities for organized crime today, she said.
Computer hackers make it their business to seek out information and power, something NIU has in abundance, she said. With about 25,000 students and 5,000 faculty members who have access to world-class resources, NIU, like all public universities, is a prime target.
“The criminals are becoming smarter and we, in return, must be more vigilant,” Leake said.
Computer hackers are often after Social Security numbers and bank account and credit card information, as well as network bandwidth, she said.
“An effective password and careful management is our best defense against this type of crime,” Leake said.
Student irritations
Even with the threat of personal information being taken from their accounts, some students find the safety measures a little too cautious.
Junior nursing major Adam Greiff is very annoyed with the password changing policy.
“Having to change our passwords is more of a nuisance than a protection,” Greiff said. “Not many people I know would want anything I have on that account in the first place. Most Internet crimes are committed trying to get something good like money or credit cards, not my research paper for English. I mean, seriously, how bored and desperate do you have to be to steal my homework?”
Greiff thinks the amount of times the password is changed should be up to the student.
“I think the best route to take on this, is to give the student a choice in the matter; if they want to change their passwords, let them, and only make it mandatory to do it once every two years so it will make all of our lives a lot simpler.”
Creating a useful password
With every login to the NIU network, a countdown of the number of days remaining on the users password will appear in the login script, beginning at 130 and decreasing at each use. Users are urged to change their passwords before they expire by logging into www.password.niu.edu, or by calling ITS at 815-752-RSET.
User passwords must be a combination of eight characters and must include both letters and numbers. ITS strongly discourages using names, birth dates, names of pets, phone numbers or Social Security numbers, and instead, use a system of abbreviating sayings or poems.
“Coming up with a system is helpful,” Leake said. “For example, think of a poem or verse and convert it to an eight character alpha-numeric combination: ‘Garbage day is Monday and pick-up is at 7 a.m.’ would be gdimpu7. A phrase like that meets all of the criteria mentioned and is easy to remember. The next password/verse could have something to do with Tuesday. Coming up with some logical sequence will facilitate remembering later.”