But I don't want to change my password...

Customer quote...

"Thank you, but I choose not to change my password. I do not believe that I am endangering University resources by maintaining a password that is meaningful and memorable to me. I would be grateful if you did not insist on this change."

The response...

The reason your password change is important is that computer systems worldwide have come under increasing numbers of attacks by malicious individuals. Password cracking technology has become so sophisticated that many passwords that were considered adequate in the past can no longer withstand modern attacks. Why the increase in attacks? In many cases, they are searching for personal information that could be used for identity theft purposes. Additionally, they may be looking for confidential research. Or they may simply be interested in disrupting service or engaging in mischief. In any of those cases, repair of the damage caused and the effort to satisfy legal obligations in cases where private information is exposed can incur enormous cost.

Often, the way these malicious individuals get into a system is by determining someone's netID and password - anyone's netID will do. Once the individual gets into a system with that netID and password, he or she can use a variety of techniques to obtain additional information that will give him or her additional privileges. The key is that it is not uncommon for an attacker to use the netID and password of a person who may not even have direct access to confidential information.To date, dozens of universities have been named in news articles for the exposure of private information to individuals using techniques described above.

Many things have been done in our computing environment to protect against such attacks and, at this time, our largest risk is associated with passwords that can be uncovered. As more and more members in our community update their passwords to a value that is difficult to determine, our risk is significantly reduced.

It's easy to come up with a new, secure, password that is memorable. See the tips and tricks for overcoming this hurdle. Please don't let this be the reason for not complying with this University-wide effort.