Wednesday, 20 August 2008

Passwords and House Keys

Universities are full of people who are discovering new technologies, new systems and new rules - most of which they haven't quite got the hang of yet.

This makes them prime targets for nefarious ne'er-do-wells (also known as "not very nice people") who like to pretend they are legitimate university staff in order to steal your usernames and passwords and use them to do all sorts of horrible, nasty things. Things like using your email account to send spam to thousands of other poor souls, or using up all of your Internet quota and running up your debt looking at web sites that might get you into trouble.

Usually, when the scam emails start coming out, we send around some emails of our own explaining why you should never give them your password.

Almost every time, without fail, people will reply to our emails (in which we have told them to NEVER give ANYONE their password - not even us) and they will give us their passwords.

In either case, once we know that a password has been compromised (because someone has sent it to us or we think they have sent it to someone else), we lock the account. You will try to sign into your email or one of the GATCF computers and you will be unable to do anything. If you come to us, we will talk to you about it and give you a new password, but your old password will never work again.

To put it as plainly as possible:

We will never ask you for your password. You should never give your password to anyone.

Remember, treat your passwords like you'd treat the keys to your car or your house. You probably wouldn't hand them out to anyone who simply came up and asked for them, and you shouldn't give away your passwords to anyone who asks for it, either.

No comments: