SLAC Today logo

Passwords Must Now Change Every 6 Months

Cybersecurity is an important part of computing at SLAC. Fortunately, because SLAC is an open science facility, the lab has no scientific secrets to protect; instead, we only have to protect ourselves from people trying to do either harm or mischief to our information systems.

Passwords are how we protect computing systems at SLAC. Our policies for the administration and use of passwords are subject to Department of Energy (DOE) oversight; and, as a result, beginning on Tuesday, April 17, we will implement a new policy for password expiration to complete one of the Plan Of Action and Milestones which was created during a recent Site Assistance Visit from the DOE.

As of tomorrow morning, all passwords for all SLAC information systems will need to be changed every six months. You should receive an email expiration notice for your accounts prior to reaching this limit from the various administrative groups here at SLAC. However these notifications are only effective if you actually are able to read them, so please work with your respective support group to insure that your e-mail address of record is one that you access and read regularly. Then please follow the directions in a timely fashion, so you and the support teams do not have to hassle with reviving an expired user account.

Passwords are definitely a challenge to create, maintain, remember and keep secure. There are some helpful tips for this are available online. There is also a PDF document which you can read to get more detailed information about this new policy from the Password Policy Change Information Sheet.

We all rely on each other to help keep our SLAC information environment easy to access, yet appropriately secure. Doing your part by following the policies we have set up will help the entire SLAC community. Thanks in advance for your help!

—Gordy Gordon, April 16, 2007