Kansas State University

search

IT News

Tag: eID password

Six things you need to know about IT security at K-State

Posted on by Harvard Townsend (harv@ksu.edu)

IT security = YOUThus far in 2010, 292 K-Staters have been duped by spear-phishing scam e-mails and given away their eID password to criminals who then use the stolen information to sign in to webmail and send thousands of spam messages. Sadly, we’re on pace to break last year’s record of 431 K-Staters who gave away their passwords in this way.

Obviously, the first thing on this semester’s top-six security list must be:

  1. Never give your password to anyone in an e-mail message! K-State was plagued by nearly 300 instances of phishing scams in 2009 (and 260 thus far in 2010!)  that try to trick people into replying with their eID password. The hackers responsible for these scams are relentless! If you remember this one simple rule, you can prevent becoming a victim: K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it. The same holds if you get an email with a link to a web form that asks you to fill in your username and password – don’t do it!

  2. Learn to recognize scams, frauds, and other forms of malicious communications so you don’t become a victim of identity theft, financial fraud, or end up with a compromised computer. Criminals are using all kinds of new tricks and coming at you from all angles — e-mail, social networking sites like Facebook and Twitter, malicious links on webpages, Instant Messaging, phone calls, and even knocking on your door. As an example, last year more than 230 K-Staters were tricked into opening malicious e-mail attachments, resulting in 230+ compromised computers. Be informed and think before you click! Continue reading “Six things you need to know about IT security at K-State”

Changed your eID password? Deadline is Sept. 8

Posted on by Betsy Edwards

Wednesday, Sept. 8, is the deadline for changing passwords on K-State eIDs for the fall semester. This mandatory password change each fall and spring semester applies to both individual eIDs and group eIDs. It prevents long-term use of the same password (a known risk factor) and is the reason passwords cannot be reused in a two-year period.

Phishing scams + stolen passwords = problems for everyone

Posted on by Harvard Townsend (harv@ksu.edu)

Criminals seem to be working overtime in their efforts to steal eID passwords, which is no surprise since their efforts are paying dividends: Since July 18, 77 K-Staters have been tricked into giving away their eID passwords via phishing scam e-mails! The count since January 1, 2010, is 255 K-Staters!

When stolen e-mail accounts are used to send massive amounts of spam to recipients all over the world, other e-mail service providers view K-State as a source of spam and start blocking ALL e-mail from K-State by putting us on their “spam block-list.” Continue reading “Phishing scams + stolen passwords = problems for everyone”

Q/A: Parents' IT questions at New Student Orientation

Posted on by Betsy Edwards

Q. My student just got their eID. How soon will it be activated?
Almost immediately.

Q. How many students are using laptops in classes?

  • In the residence halls, about 98 percent of students have laptops.
  • Less than 25 percent of K-State students overall are using laptops in classes.
  • More students are starting to use laptops in K-State’s technology classrooms.

Q. Will K-State faculty/staff ever ask for my student’s eID password?
Never in an e-mail, and only rarely under other circumstances. The IT Help Desk or any IT staff member would only ask for the password as a last resort or in an extreme situation to get the user up and running as soon as possible — and only when the user has initiated the request for help.

Q. How are security cables used to protect laptops?
Continue reading “Q/A: Parents' IT questions at New Student Orientation”

Reminder: June 8 seminar for departments on Active Directory Services

Posted on by Betsy Edwards

K-State central IT will host a question-and-answer session 10 a.m.-noon Tuesday, June 8, in the Hemisphere Room in Hale Library (Hale 501) for K-State departments/units interested in using Microsoft Active Directory Authentication Services. Active Directory authentication can be used to simplify deployment and management of IT services at no cost to departments.

Departments connected to the central Active Directory system can use eID credentials to control access to IT resources on campus.

Benefits of using the service include: Continue reading “Reminder: June 8 seminar for departments on Active Directory Services”

New type of phishing attack threatens K-State passwords

Posted on by Harvard Townsend (harv@ksu.edu)

Hackers have been VERY successful at tricking K-Staters into giving away their eID password  — in 2009 more than 430 K-Staters replied to phishing e-mails, sending their eID passwords to criminals who used those to log into K-State’s e-mail and send thousands of spam e-mails. The good news is that repeated communications by K-State’s IT security team, Help Desk, and IT support staff have slowed the pace of compromised e-mail accounts. The bad news is the hackers’ techniques have evolved accordingly with new, more sophisticated scams that steal your password.

K-State’s mantra for the last two years has been “NEVER provide your password in an e-mail to anyone under any circumstances!” How did the hackers respond? On Jan. 23, they sent the following scam e-mail to numerous K-Staters. Note that it doesn’t ask you to send your password in an e-mail. Instead, it tries to trick you into clicking on a link that goes to a website where they want you to enter your eID and password.

Continue reading “New type of phishing attack threatens K-State passwords”

Password change period ends Wednesday, Feb. 10

Posted on by Rebecca Gould

The eID password-change period for this spring is Jan. 1-Feb. 10. If your password is not changed by Feb. 10, you will LOSE ACCESS to central e-mail, iSIS, K-State Online, K-State dial-in Internet service, free laser printing, university computing labs, and other IT services.

To change your password, go to eid.k-state.edu and sign in. Under Password Settings, click “Change your eID password or password-reset options” and follow the prompts.

After changing your eID password, you may also need to change the password settings for your K-State dial-in Internet service or your local e-mail client.

Continue reading “Password change period ends Wednesday, Feb. 10”

eID password deadline is Wednesday, Sept. 9

Posted on by Betsy Edwards

verifyThe university’s mandatory password change each fall and spring applies to individual eIDs as well as group eIDs. Wednesday, Sept. 9, is the fall-semester deadline for changing passwords on K-State eIDs.

Be aware that passwords can now be longer — from 7 up to 30 characters — including blank spaces. All other criteria remain the same. The Password FAQs list the complete password criteria, plus tips on choosing a good password.

  1. Remember: K-State (and other legitimate institutions) will NEVER ask for your password via e-mail.
  2. Continue reading “eID password deadline is Wednesday, Sept. 9”

Five things you need to know about IT security at K-State

Posted on by Harvard Townsend (harv@ksu.edu)

Thousands of new faculty, staff, and students have arrived and a new semester has begun, so it is time to remind everyone of their personal responsibility in protecting themselves online and keeping K-State information and technology safe. To quote IT security experts, “the Internet is a bad neighborhood,”* and based on the number of security incidents at K-State thus far in 2009, it’s getting worse. You can still function safely online, though, if you take the time to learn about security and “think before you click.” Here are five things you need to know about IT security at K-State:

  1. Never give your password to anyone in an e-mail message. K-State has been plagued by more than 200 instances of e-mail scams over the last year that try to trick people into replying with their eID password (yes, that’s nearly one per day). In fact, thus far in 2009, nearly 300 K-Staters have had their eID password stolen this way. If you remember this one simple rule, you can prevent becoming a victim of these scams:  K-State IT support staff will never ask for your password in an e-mail, nor will any legitimate business or organization. If you get such an e-mail, just delete it.

    2. Continue reading “Five things you need to know about IT security at K-State”

K-State eID passwords have new limit of 30 characters

Posted on by Betsy Edwards

The timeframe for changing passwords on K-State eIDs started Aug. 1 and runs through Wednesday, Sept. 9, the deadline for changing passwords for the fall semester. The standard rules apply, with one exception — now passwords can be up to 30 characters long (minimum is still seven characters). This change is the result of two years of planning, programming, and coordination across K-State’s central computing systems.

This change is due, in part, to feedback from K-Staters that it was frustrating to limit passwords to 7-8 characters. Longer passwords can be more complex and are more secure since, as a general rule, the longer the password, the more difficult it is to crack. Another benefit is that K-Staters can create passwords based on information segments that are easier to remember, such as word phrases and number sequences.

Continue reading “K-State eID passwords have new limit of 30 characters”