Computing Services would like to remind you that our systems have been patched against the Heartbleed vulnerability and that ALL students and employees will be required to change their passwords.
————————————–
Employees and students have until May 14, 2014 to change their passwords. If the password for your account has not been changed by that date, your account will be locked out.
All users can change their passwords by visiting www.adams.edu, clicking either Faculty/Staff (for employees) or One Stop (for students) and clicking the `Change your password’ button. As a reminder, we will NEVER ask you to share your username or password through email!
————————————–
See our helpful how-to on picking a strong password!
http://howto.adams.edu/index.php/Password_Tips
See our YouTube video on Heartbleed, Password Changes, and more!
If you have any questions regarding password changes or heartbleed please contact the ASU Computing Services Helpdesk at 719-587-7741 or at computingservices@adams.edu
Thanks!
ASU Computing Services
Find us on Facebook and Google+
https://www.facebook.com/asucomputingservices
https://plus.google.com/107573503149101561873
Comments Off on IMPORTANT REMINDER – Mandatory Password change for all Faculty, Staff, and Students by May 14
Computing Services invites you to come chat with us on what is new with ASU technology! To better accommodate everyone’s busy schedules, we have scheduled three different time slots in which we will be giving a short presentation covering:
-Heartbleed: What is it and what does it mean for you?
-Password Change: How to pick a good password as well as training on Password Gorilla and KeePass Password Managers
-Gmail for Faculty/Staff? We want your input on a proposed move to Gmail
-Q and A sessions and more!
Presentation Schedule
—————————————–
MCD 101
Tuesday 4/22/14 at 1:00pm
Wednesday 4/23/14 at 6:00pm
Thursday 4/24/14 at 11:am
—————————————–
We encourage all staff, faculty, and students to attend one presentation. We will also be recording the presentations and making them available online on our Youtube channel.
Can’t get away from your desk? You can also watch the presentations live on our ASU Computing Services Google+ page!
https://plus.google.com/107573503149101561873
Hope to see you there!
Computing Services
Comments Off on What’s new with ASU Technology? Computing Services Presentation Invite
As mentioned in last week’s email, Computing Services has now finished taking all actions to patch our systems due to the Heartbleed security vulnerability. Now that our systems are patched, ALL students and employees will be required to change their passwords. This is a direct result of the type of vulnerability that Heartbleed exposed. Your account cannot be considered fully secure until you have reset your password. Although there is no indication that our systems have been exploited, all passwords must be changed on our systems if there is even a chance they could have been compromised.
*****Employees and students have until May 14, 2014 to change their passwords. If the password for your account has not been changed by that date, your account will be locked out.
All users can change their passwords by visiting www.adams.edu, clicking either Faculty/Staff (for employees) or One Stop (for students) and clicking the `Change your password’ button. As a reminder, we will NEVER ask you to share your username or password through email! ******
If you have any questions or concerns, or would like assistance in going through the password reset process, please contact the ASU Computing Services Helpdesk at 719-587-7741. You may also stop by the Helpdesk Monday through Friday 8:00 AM to 5:00 PM and we will have one of our technicians help you with the process.
***Password Guidelines***
When you change your password you will need to choose a new, unique, and strong password. Please see our helpful How-To on creating a strong password, including some dos and don’ts:
http://howto.adams.edu/index.php/Password_Tips
What NOT to do when choosing a Password:
-Do NOT choose a password based on personal data that is easily obtained, such as your name, username, address, your pet’s name, or your favorite sport.
-Do NOT use a password that is a word in the dictionary or as keyboard sequence, such as QWERTY or 12345.
-Do NOT choose a password that is a simple transformation of a word. For example, password123 is not a good password, since 123 is a common, simple transformation of a word.
-Do NOT use the same password for multiple systems. If you use a password for your ASU account you should not re-use that password on personal sites, such as banking or social media. Every site should use a unique password.
-We strongly recommend using a password manager. Details on the recommended password managers can be found in the password tips link above.
***Got questions? Come talk to CS staff at a technology update discussion session***
All students and employees are invited and encouraged to attend a briefing by the Computing Services staff next week that will provide further information regarding the Heartbleed vulnerability, and share secure password management practices. A follow-up email will be sent out shortly with the dates and location of these meetings.
***More information regarding Heartbleed***
What is heartbleed?
Heartbleed is a vulnerability in OpenSSL that lets an attacker read the memory of a web server, which could include information such as usernames, passwords, emails, and credit card information. Some ASU services use OpenSSL, which is why we are forcing a password change for all our users.
Should I change all my passwords?
If the website you use also used OpenSSL, then you should change your password. CNET has a list of the top 100 websites, including if they were vulnerable, if they have been patched, and if you need to change your password.
As you may have already heard in the news, there is a massive security vulnerability called ‘heartbleed’ that is causing major havoc throughout the Internet. ASU Computing Services has already begun taking measures to eliminate the vulnerability on the servers that are affected. In order to fully finish securing our systems, there will be some outages in service as outlined below:
-Today (4/10/14) beginning at 5:30 PM, we will be patching our Aruba wireless system. This will take down all wireless Internet services for approximately 60 minutes.
-Beginning tomorrow afternoon (Friday) various web services such as the main campus web server, the employee email server and other, less noticeable services will be briefly unavailable as we apply our new security certificate. Estimated outages are anticipated at 10 minutes or less.
***Passwords, please read***
This is a very serious vulnerability that has impacted a major percentage of Internet web services. Computing Services will be sending out an announcement next week indicating when we want ALL ASU users to change their passwords. We are timing this forced password reset to coincide with the completion of our patching of the back-end systems that have been affected. When you receive this email next week, PLEASE follow the instructions to reset your password, but as always, NEVER send your username and password in an email to ANYONE.
Also, Computing Services strongly urges everyone to consider changing ALL of the passwords that they use for other Internet services such as personal Yahoo and Gmail accounts, banking sites, social networking sites, and anything else that you log into on the Internet.
If you have any questions at all or concerns regarding this important issue, please contact the ASU Computing Services Helpdesk at x7741 or via email at computingservices@adams.edu
****CS Maintenance for tonight, 4/10/14****
Finally, Computing Services will be performing a few other maintenance tasks beginning tonight at 9:00 PM:
-Employees are encouraged to log off but leave their computers on overnight to assist with the patching process of Windows, Office, Flash and Firefox.
– Also at 9:00 PM and lasting roughly 30 minutes, Computing Services will be performing maintenance on the campus TEC Classrooms. While we don?t anticipate any issues with this maintenance, please let us know if you experience any issues in the TEC Classrooms on Friday morning.
Computing Services thanks you for your patience and understanding as we perform these critical maintenance activities. As always, if you have any questions, please call the ASU Computing Services Helpdesk at 7741 or contact us via email at computingservices@adams.edu
Thank you!
Computing Services
Comments Off on Computing Services Announcement regarding ‘Heartbleed’ vulnerability, please read!
