|
Bates College has a computer network serving over 3500 users.
Since the network resources are shared, each user is provided
a unique username and password. These credentials allow users
to access their share of network resources, including the
Bates email system.
PASSWORD MANAGEMENT AND EXPIRATION
The College provides the Password
Manager (link available from the Bates homepage hotlist menu) application for maintaining the network password.
Each user can utilize the Password Manager application
to change his or her own password.
A password expires 365 days after it has been issued or
changed. When a password is within 30 days of expiration
a series of automated e-mail messages will be sent to notify
the user that he or she is required to change the password.
The e-mail messages will stop as soon as the user changes
the password using the Password Manager.
PASSWORD SECURITY
The security of our network is important to all of us. Network
security depends on users keeping their own password secret.
Our systems are designed so that no one, including Information & Library
Services staff, will ever have a legitimate reason to ask
for another person's password whether in person, on the
phone, or via e-mail.
If a user feels that his or her password may have become
compromised the user is urged to use the Password Manager
immediately to change his or her password. If a user has
forgotten his or her password or someone has changed the
password without the knowledge of the user, such a user is
urged to go immediately to Help Desk Services in the George
and Helen Ladd Library with his or her Bates ID. The professional
staff will guide the user through the Sponsored Password
Change Process. Using this efficient
process the user will be able to change his or her password
with Password Manager by employing a temporary password called
a Password Change Token.
STORED PASSWORDS
Various applications which use your password to access network
resources or check your e-mail may be capable of saving
your password as a convenience.
For security reasons we highly recommend that you remove
your password from your e-mail client, any Web/Internet browser,
and other applications such as Dreamweaver or other SFTP and
Web Development tools. The only exception is when a master
password has been properly configured to protect stored passwords.
Although it is convenient, unless properly configured to
encrypt passwords behind a master password, storing your
password is not secure, as anyone who has access to your
computer can read or send e-mail in your name.
|
