Managing Student and Staff Passwords

Question: What suggestions do you have for helping manage passwords for staff and students? The IT Guy says: The best situation for an organization is to have a single sign-on system that uses authentication directly from your active directory database. The system should permit users to reset their password, and
Author:
Publish date:
Social count:
0

Question: What suggestions do you have for helping manage passwords for staff and students?

The IT Guy says:
The best situation for an organization is to have a single sign-on system that uses authentication directly from your active directory database. The system should permit users to reset their password, and should also auto-generate passwords as an option for users or allow them to create their own according to specific requirements.

Most passwords generated by people are considered “insecure” because they contain a combination of words in the dictionary and numbers. These types of insecure passwords can be hacked relatively easily by powerful computer programs widely available today. Passwords for both students and staff should require at least eight characters and should not permit any words that are in the dictionary that contain more than 3 characters to be included. Also, the password should have to include at least one capital, or uppercase, letter, and at least one number.

These are only guidelines, but the main goal is to force users to create and use passwords that are secure. Unless forced to do so, must users will not create secure passwords. But having the user create or obtain a secure password is just the first step. An equally important second step is getting that person to protect their password.

A recent incident in the Dallas, Texas area involving a blog of a cheerleader and a message allegedly posted by another student, as reported by The Star-Telegram, highlights the critical importance of safeguarding passwords. The best security policy is for users to not write down their passwords at all. If users insist on writing down their password, they should protect it just as they would a credit card number.

Clearly there are easier and less secure ways to manage passwords, but it is very important that schools model good security policy and teach constituents of all levels why password security is so important.

Next Tip: Secure password suggestions

Featured

Related

Secure Password Suggestions

Question: What suggestions do you have for teachers and students needing to create secure passwords? The IT Guy says: Bad, or insecure, passwords include things like your name, your nickname, any personal information like your address or favorite things, your school mascot, or basically any word found in the

Password help

Question: The youngest children in our elementary computer lab have a lot of trouble typing in their passwords to log onto our computer network. Do you have any suggestions for making this process easier? The IT Guy says: Consider using a generic network login that does not have a password for younger users, and

Safe Passwords

Question: Our district has recently adopted what seems to be ridiculously strict guidelines for user passwords. Is this really justified? The IT Guy says: Password security is more important than ever, and will continue to grow in importance in the future. If someone obtains or guesses your password, either

Resetting At-Ease Administrator Password

Question: The previous Macintosh computer lab teacher did not document the At Ease password and we cannot get in to change settings. How can we reset the password? The IT Guy says: The answer to this question depends on what version of the Mac OS and At Ease you are running. If you have a Utilities floppy disk

Surveys on Staff Development Needs

Question: Do you have samples of needs surveys for staff development? The IT Guy says: Take a look at this sample of survey questions I used last Spring with middle school teachers in Plainview, Texas. It is available on http://www.wtvi.com/plainview/survey_questions.pdf. The results from that survey determined

Technology Resistant Staff?

The teaching staff continues to be extremely reluctant technology users. We did not make our AYP target and now they cite this as a reason for not having time to use technology in their teaching. Is there any information I can use to help them reconsider their stance? You might want to share with your staff some

Staff Development and Technology Solutions

Can you run a technology staff development program for a K-12 district of 22,000 students with only one trainer? This is the situation we found ourselves in. Our revised District Technology Master Plan called for offering staff training in technology skills. Here's how we managed. Background Located in Orange

Manage High Priority Students

With OpenLoop High Priority Group API, these groups can be identified in any data analysis, assessment, attendance, special education, or student information system used by a district, and that same identification is sent directly into School Loop Plus.