re: usernames... when I was at uni my department used to use a rotating letter to identify the year... example: I was ctztdn
ct (course) z (97 entry) tdn (my initials)
Had I been a year ealier, i'd have been ctytdn, then ctx..
This allows internal users a mnemonic for each year (and of course a non-changing username) IIRC there were only vwxyz in the rotation, as that more than covered a few years.
I think it is useful to use more than initials, however, as these soon get exhausted and you end up with "td2n" and things - yak.
We previously had no password policy, even blank were allowed. I was horrified to find that a teacher had a blank password - he just couldn't see the point of setting one. It hadn't occurred to me that staff might have no password.
When I did set a policy following this incident (and notified the whole school a month in advance) I got some nasty ear ache off the staff (none from the kids) about it for months afterwards.
I dug my heels in and now they just accept it and get on with it when they're forced to change them.
Does this make for a more or less secure system?
The most secure password systems are those which do not enforce changes
Our teacher passwords are set once and then never changed. Most have the same password for logging on locally to their laptop as they do to the network. I have complained but no one cares about security so....
The children have similar to most of you: yearsurnamefirst3lettersoffirstname (07smithemm). They don't have email addresses here.
Changing passwords is only really useful for damage limitation once someone's got in. With the primary adversary being kids here, i really think you're going to notice almost immediately you are compromised... this would, in my eyes mean the benefits are outweighed by irritations (more forgetters, writing down, etc).
Worth communicating "what to do if you think someone has your password" though.
Usernames to login are:
07AIBSMITH (Year of Entry + First 2 Letters of Form + Initial + Surname)
e-mail addresses are:
bsmith@stbedes......... (for staff and students but both on different domains, but im going to introduce a new e-mail system for students so we will probably create a new formula such as gs100@stbedes..... (initials + number starting at 100) for our student accounts. Printed out on sticky labels so they can stick into their planners at the start of the year - not with their passwords on of course.
Sorry to be so negative in my first post, the school were I used to work had some very vindictive staff. They also had no training policy so they had lots of staff who had 0 confidence in IT.
We had 90 day password changes with your last 6 passwords not permitted. We however had no restricton on how often you could change your password. Net result was some teachers when asked to change their password would then change it 6 times so they could change it back to te one they had before.
I'm surprised some of you mentioned you have no password policies or no password at all. Staff generally have higher access rights/access to sensitive data and the school overall has a responsibility to protect this data.
Believe me, I've had my fair share of problems getting security to what I consider a reasonable standard. I think the key to it all, is firstly to make the Head and ICT Co. aware and to get them on your side. The ICT Co. should create and have policies in place that all staff should agree and adhere to.
Once you've got this far, the rest is easy as it's all enforced by GPO. I do think it's important to get an equal/fair balance of number of days a password is valid for, number of characters required, but also the history of passwords remembered. If you find people writing passwords down then I would say the password policy needs tweaking or staff need one to one support to give them a clearer understanding of the importance of network security.
We don't currently have a password policy as such (ie, not a GPO one) but I believe something was started on a written one before I came. I'm not sure what happened with it though.
There are currently 1 users browsing this thread. (0 members and 1 guests)