+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 32
School ICT Policies Thread, Password legislation/rulings in School Administration; re: usernames... when I was at uni my department used to use a rotating letter to identify the year... example: ...
  1. #16


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    re: usernames... when I was at uni my department used to use a rotating letter to identify the year... example: I was ctztdn
    ct (course) z (97 entry) tdn (my initials)
    Had I been a year ealier, i'd have been ctytdn, then ctx..
    This allows internal users a mnemonic for each year (and of course a non-changing username) IIRC there were only vwxyz in the rotation, as that more than covered a few years.

    I think it is useful to use more than initials, however, as these soon get exhausted and you end up with "td2n" and things - yak.

  2. #17
    Jona's Avatar
    Join Date
    May 2007
    Location
    Cranleigh
    Posts
    467
    Thank Post
    14
    Thanked 50 Times in 48 Posts
    Rep Power
    23
    Quote Originally Posted by tom_newton View Post
    example: I was ctztdn
    Nottingham??

  3. #18
    OverWorked's Avatar
    Join Date
    Jul 2005
    Location
    N. Yorks
    Posts
    1,010
    Thank Post
    196
    Thanked 42 Times in 34 Posts
    Rep Power
    30
    Quote Originally Posted by jcollings View Post
    2. Interesting about usernames. We use 07BloggsJ as username and 07BloggsJ@schooletc.co.uk as their email (that way they only have to remember 1 username) - a guy from Shirelands (our VLE provider) was suggesting Becta has said 07BloggsJ was no longer acceptable as it identified the age of the student and their surname. What do others do for student email addresses?
    I undertand that on email addresses it must not be possible to work out the name, age or gender of the child. I think I read that on becta somewhere.

    We previously had no password policy, even blank were allowed. I was horrified to find that a teacher had a blank password - he just couldn't see the point of setting one. It hadn't occurred to me that staff might have no password.

    When I did set a policy following this incident (and notified the whole school a month in advance) I got some nasty ear ache off the staff (none from the kids) about it for months afterwards.

    I dug my heels in and now they just accept it and get on with it when they're forced to change them.

  4. #19

    Join Date
    Jun 2006
    Posts
    50
    Thank Post
    6
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by elsiegee40 View Post
    I force passwords changes on all staff in the second week of every half term. It wasn't popular when I first did it, but they're used to it now.
    I don't see the point of this. I guess many do what my mum used to do when she had enforced password changes at the bank. She had a list of them in the back of her diary and rotated through them. I know for a fact that our office manager has done this too for county payroll and admin systems.

    Does this make for a more or less secure system?

  5. #20
    zag
    zag is offline
    zag's Avatar
    Join Date
    Mar 2007
    Posts
    3,738
    Thank Post
    894
    Thanked 414 Times in 348 Posts
    Blog Entries
    12
    Rep Power
    85
    The most secure password systems are those which do not enforce changes

  6. #21

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,050
    Thank Post
    1,318
    Thanked 2,310 Times in 1,624 Posts
    Rep Power
    692
    Our teacher passwords are set once and then never changed. Most have the same password for logging on locally to their laptop as they do to the network. I have complained but no one cares about security so....
    The children have similar to most of you: yearsurnamefirst3lettersoffirstname (07smithemm). They don't have email addresses here.

  7. #22


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    Quote Originally Posted by Jona View Post
    Nottingham??
    Leeds Uni.

  8. #23


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,461
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    Changing passwords is only really useful for damage limitation once someone's got in. With the primary adversary being kids here, i really think you're going to notice almost immediately you are compromised... this would, in my eyes mean the benefits are outweighed by irritations (more forgetters, writing down, etc).

    Worth communicating "what to do if you think someone has your password" though.

  9. #24

    Sylv3r's Avatar
    Join Date
    Jul 2005
    Location
    Co. Durham
    Posts
    3,197
    Thank Post
    370
    Thanked 374 Times in 332 Posts
    Rep Power
    147
    Quote Originally Posted by MrHappy View Post
    typical username and password for a user

    User Mark Bell

    username 09MBELLI9F
    password ntlznh4b

    took about a month for kids and staff to get used to the new username password policy but its worked.

    Its completely cut out the problems we had before i.e. kids loging on to other kids email accounts, loging on to network to delete work.
    Do you have more instances of the students forgetting their passwords now though? Infact what about staff forgetting their passwords if they use a similar context?

    Thanks

  10. #25

    Sylv3r's Avatar
    Join Date
    Jul 2005
    Location
    Co. Durham
    Posts
    3,197
    Thank Post
    370
    Thanked 374 Times in 332 Posts
    Rep Power
    147
    Usernames to login are:

    07AIBSMITH (Year of Entry + First 2 Letters of Form + Initial + Surname)

    e-mail addresses are:

    bsmith@stbedes......... (for staff and students but both on different domains, but im going to introduce a new e-mail system for students so we will probably create a new formula such as gs100@stbedes..... (initials + number starting at 100) for our student accounts. Printed out on sticky labels so they can stick into their planners at the start of the year - not with their passwords on of course.

  11. #26


    Join Date
    Jul 2007
    Location
    Rural heck
    Posts
    2,662
    Thank Post
    120
    Thanked 434 Times in 353 Posts
    Rep Power
    126
    Sorry to be so negative in my first post, the school were I used to work had some very vindictive staff. They also had no training policy so they had lots of staff who had 0 confidence in IT.

    We had 90 day password changes with your last 6 passwords not permitted. We however had no restricton on how often you could change your password. Net result was some teachers when asked to change their password would then change it 6 times so they could change it back to te one they had before.

  12. #27
    Grommit's Avatar
    Join Date
    Sep 2006
    Location
    Weston-super-Mare
    Posts
    1,335
    Thank Post
    31
    Thanked 54 Times in 31 Posts
    Rep Power
    24
    Quote Originally Posted by MrHappy View Post
    typical username and password for a user

    User Mark Bell

    username 09MBELLI9F
    password ntlznh4b

    took about a month for kids and staff to get used to the new username password policy but its worked.

    Its completely cut out the problems we had before i.e. kids loging on to other kids email accounts, loging on to network to delete work.
    You are having a laugh...

  13. #28

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,241
    Thank Post
    239
    Thanked 1,567 Times in 1,249 Posts
    Rep Power
    339
    I'm surprised some of you mentioned you have no password policies or no password at all. Staff generally have higher access rights/access to sensitive data and the school overall has a responsibility to protect this data.

    Believe me, I've had my fair share of problems getting security to what I consider a reasonable standard. I think the key to it all, is firstly to make the Head and ICT Co. aware and to get them on your side. The ICT Co. should create and have policies in place that all staff should agree and adhere to.

    Once you've got this far, the rest is easy as it's all enforced by GPO. I do think it's important to get an equal/fair balance of number of days a password is valid for, number of characters required, but also the history of passwords remembered. If you find people writing passwords down then I would say the password policy needs tweaking or staff need one to one support to give them a clearer understanding of the importance of network security.

  14. #29
    OverWorked's Avatar
    Join Date
    Jul 2005
    Location
    N. Yorks
    Posts
    1,010
    Thank Post
    196
    Thanked 42 Times in 34 Posts
    Rep Power
    30
    Quote Originally Posted by Sylv3r View Post
    Printed out on sticky labels so they can stick into their planners at the start of the year - not with their passwords on of course.
    Now that's a good idea! I might try that.

  15. #30

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,529
    Thank Post
    513
    Thanked 2,406 Times in 1,862 Posts
    Blog Entries
    24
    Rep Power
    822
    We don't currently have a password policy as such (ie, not a GPO one) but I believe something was started on a written one before I came. I'm not sure what happened with it though.

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. password complexity help
    By timbo343 in forum Windows
    Replies: 18
    Last Post: 18th November 2007, 04:36 PM
  2. Password Protect USB Key
    By sqdge in forum Windows
    Replies: 2
    Last Post: 31st July 2007, 03:47 PM
  3. That is the right password!
    By Ric_ in forum *nix
    Replies: 9
    Last Post: 27th July 2007, 09:23 AM
  4. photos of children - any exact rules or legislation?
    By Anti in forum School ICT Policies
    Replies: 13
    Last Post: 20th June 2007, 10:26 PM
  5. Lanview password
    By kevin in forum Network and Classroom Management
    Replies: 4
    Last Post: 17th May 2007, 02:14 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •