Password Policy- Acceptable Use
The Wellesley College Acceptable Use Policy applies equally to machines maintained by the Department of Computer Science. Please make sure you have read and understand that policy. If you have any questions, please contact us at CS-SysAdmin@wellesley.edu.
Also, you should know that your password protects not just your own account, but the machine as a whole. Therefore, even though you might not care about having a good password (because your account doesn't contain anything you care about), we care. If your account is broken into by some nefarious hacker, the hacker can use it to attack other accounts and machines. Think of it like having a key to your dorm: if you leave the door unlocked, someone can get in to attack your friends and use your room as a base of operations.
We will be taking steps to protect the security of our computers, including testing passwords. If we find that your password is weak, we will ask you to change it to a better one. If you don't, we will have to lock your account. We do this not to be nasty, but because we have a responsibility to protect all the users on the machine. If your account is locked due to a bad password, you will receive an email telling you of the problem and directing you as to how to change your password. Until you resolve the problem, your account will be unusable. If this prevents you from finishing classwork, you'll have to talk to your professor about the consequences.
Basic Password Advice
Most people know the general rules for making a good password; the trouble is that good passwords are usually more work than bad ones, and we all get lazy. Moreover, password advice has changed over the years, and there is some old advice out there that is no longer relevant. Here is our current advice:
- Use a password manager
- Use a passphrase
- Use SSH-keys
You can learn more about all of these via this password advice.