Security tips

Passwords Never share passwords with anyone Your username and passwords are what identifies you on the Swinburne network. It is therefore important that you protect this identity so that someone else cannot impersonate you on the network. It is against …

Security tips

Passwords

  • Never share passwords with anyone
    Your username and passwords are what identifies you on the Swinburne network. It is therefore important that you protect this identity so that someone else cannot impersonate you on the network. It is against Swinburne policy to share passwords.

  • Use strong passwords
    A weak or easily guessable password is one of the most common ways to accomplish unauthorised access to computer systems. Attackers use a variety of methods to get passwords to a system, from gathering personal information to using programs that automate attacks. A strong password will make such an attack a lot harder.
    (Refer to Guidelines for selecting strong passwords).

  • Never write down a password
    Never have passwords written down on Post-It notes that are stuck to the monitor, hidden under keyboards, or in other obvious places. Passwords that are written down can be stolen.

  • Never leave workstations unattended whilst logged in
    Users must lock their workstations, use a password-protected screen saver or log out if they go away from their computers even for a short time. To lock a workstation, press the Ctrl+Alt+Delete key sequence to bring up the NetWare Security box, and then click on Lock Workstation button. To unlock, press Ctrl+Alt+Delete again and then enter the password.

  • Log off or shut down workstation
    When finished using the workstation, users can either Log off or Shut Down the workstation. Machines must not be left on overnight.

  • Change your password regularly
    How frequently you should change your password depends on how frequently you use it and how critical the resources accessed are. Generally, it is recommended that passwords be changed every three months.

  • Never store your password in a program or document
    It is generally easy for people to recover your password if it is stored in a program even without having access to your computer.

  • Do not use AutoComplete to fill in passwords when using a web browser
    Do not use AutoComplete to fill in passwords to any web sites as this can be a serious security threat. Not only will anyone who is using your computer be able to log on as you at any password-protected site, but your passwords can be retrieved even if you are not logged in.

Email

  • Check all attachments for viruses.
  • Do not click on any URL link to web pages that arrive in e-mail unless you are expecting it.
  • Delete any unsolicited e-mail (Spam mail).
  • Never open attachments unless you expecting it and are sure of the source of the attachment. It is not enough that the e-mail originated from an address you recognise. Many viruses are spread by being automatically forwarded to all the contacts in a person’s address book.

Web Browsing

  • Never click on a button or pop-up dialog without reading it carefully.
  • Do not download and install unknown software from websites that you visit.
  • Never allow a download that you did not request.