Security Tips

Passwords - Choose a long and strong password phrase

As the new Banner system starts to be implemented across campus, the need for STRONG passwords and computer security becomes even more critical. Choosing your password is an important step in securing access to the private information that many faculty and staff need to handle on a daily basis. You should NOT use words found in a dictionary or proper names because these are easily cracked by automated programs that rely on the patterns found in words.

Instead, think of a phrase you find memorable which includes one or more numbers and just use the first letter of each word and the number. In addition to one or more numbers be sure to include special characters, such as #, &, or %. Make some of the letters capitals to make the password even better. Another way to include numbers is to use a zero for the letter O, a one for the letter I or L, or a 3 for the letter E.

Example: My little dog Trixie had fleas in 08 & now She does not! = MldThfi08&nSdn!

A good password should:

  1. NOT contain all or part of your username, social security number, or birth date.
  2. Be at least 8 characters in length and over 14 characters long if you have something important to protect.
  3. Contain characters from:
    1. English uppercase characters (A through Z)
    2. English lowercase characters (a through z)
    3. Numeric characters (0 through 9)
    4. Special characters on your keyboard, such as %, #, or !, etc.

If you need to write down a password, NEVER tape it to your machine. Keep it in a locked location away from the machine.

Macintosh users may wish to use a built in feature to help you gauge the strength of your password. In Macintosh OS X:

  1. Macintosh Password Assistant
  • Go to System Preferences
  • Click on the Accounts pane
  • Click the Change Password button
  • In the dialog box that appears click the key icon to bring up the Password Assistant.
  • Choose the type of password from the pop-up menu.
  • Choose the length of the password on the slider and a suggested password will be provided.
  • If you set the type to Manual,you can also enter a password of your own choosing and it will give you an indication of how secure it thinks it is. See example below.

    alt

    Protect your password or your accounts will be compromised. Remember to never tell your password to anyone else and never write a password down where it could be read by others. If you take some time to come up with a memorable phrase, you should not need to write it down.

    About TTU Domain Passwords and Banner

    Banner passwords for Self Service Banner and Internet Native Banner are different than the TTU Domain Account password. View more information about Banner logins.

    For faculty and staff on the Exchange Server, your TTU Domain password is your email password. Also, it is usually the password you give to log into your machine when you start it up. Please contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it or your college ITS contact if you have questions about this.

    Banner and Third-party Software

    Internet Native Banner requires several different programs working together in order to function properly. The primary components include a network connection, a Web Browser (Internet Explorer is recommended), and Java. Any other program that causes a change in any of these can cause Internet Native Banner to stop working. Some third party software that is installed by the user can cause problems with Banner, and may compromise the stability and integrity of the computer. Examples of software that have been found to cause a problem with Banner at some schools include, but are not limited to:

    • Toolbars (Google Toolbar, Yahoo Toolbar, Hotbar, Dashbar)
    • Screensavers and Photo Programs (Webshots, Holiday Screensavers, theme based screensavers)
    • Web based games (word games, numbers games, puzzles, card games)
    • Utility programs (Google Desktop, coupon/shopper programs, alert type programs)
    • Weather Programs (Weatherbug, Weather Panel)
    • Messaging Programs (Yahoo Messenger, AIM, Trillion, MySpace IM)

    Many times a program can seem helpful and harmless, but will open up a back door that can download and install many additional malicious programs without your knowledge or explicit consent. Also, visiting some non-work related website has the potential to cause problems, since websites can download and install malicious programs in the background with little user interaction. The original program that was downloaded and installed, or the website that was visited, may not cause immediate problems with Banner and the computer, but the other installed programs can cause problems at a later time. These additional programs may cause your computer to become unstable, may cause pop-ups and advertisements to appear, and can be a security issue if they compromise or collect personal or TTU related information. If you feel your system has been compromised in this way, please contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it or your college ITS contact.

    Viruses

    A computer virus is a malicious computer program which replicates and is intent on causing harm to an infected computer or to a network. It may arrive in an email attachment or through shared files or through other flaws discovered by hackers in the programs running on your computer.

    All university owned machines are installed with Symantec Anti-virus Corporate Edition prior to being connected to the network. If for any reason, you believe that your machine does not have this installed, please contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it or your college ITS contact. For more information on anti-virus products for student machines or home machines, see this link.

    Spyware

    Spyware is software that is installed on your computer by programs, sometimes without your knowledge, that may pass on information about you and your system to the spyware company. It may be installed by visiting certain web sites, or you may agree to it as part of a licensing agreement when you download an often "free" program. It may also add unwanted features that are hard to remove. Other programs are considered Malware because they cause system instability and may lead to crashes or other difficulties with your computer.

    ITS recommends against downloading programs to your computer such as: WeatherBug , WebShots, New.Net, Gator, and others. Please contact This e-mail address is being protected from spambots, you need JavaScript enabled to view it or your college ITS contact for more recommendations concerning downloads to avoid.

    In order to protect against spyware or malware, home or student users could install Windows Defender. This is available at the Microsoft Windows Defender web site. However, please note that this may conflict with some antivirus programs including Symantec Antivirus, so you may wish to check that out before installing.

    Phishing and Spam Emails

    Although Information Technology Services uses software to filter out over 90% of the email that is sent to campus as spam, some still gets through the filters. Some of the messages that do get through may be inappropriate, while others are just a nuisance. Individuals who create these messages are becoming more sophisticated in how believable the messages appear. So, always to take GREAT care in reading and opening links in your email. Do NOT open any link to a banking institution, IRS, etc. from within an email. Never enter credit card information or other personal information via an email link from within a message. If you think a message may be valid, then type the address that is the company's genuine website into the address bar of the browser, rather than trusting any hyperlinks in a message. You can use Google to search for the institution's name and then use that link to visit the real site. To learn more about phishing, see this Carnegie Mellon University site and play an anti-phishing game http://cups.cs.cmu.edu/antiphishing_phil/ If you feel you have a specific problem or your system has been compromised, please contact your college ITS contact or This e-mail address is being protected from spambots, you need JavaScript enabled to view it

    Sharing Files

    If you need to share files with others in your office that contain confidential information, do NOT do so by sharing your password. This e-mail address is being protected from spambots, you need JavaScript enabled to view it or your college ITS contact can work with you to design the best and most secure way for file sharing. This might involve moving the files to a server, or creating multiple login accounts on one machine. Do not give student workers access to your passwords. MicroSupport can help set up appropriate student worker accounts on machines to which they need access.

    ITS Policies

    Several Information Technology Services policies are in place that relate to security. In order to connect a computer to the campus network, a computer must meet certain standards. Please refer to these policies.

    Other Security Information

    Apply Now