public:user_accounts

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
public:user_accounts [2021-11-02 16:06]
marp [Password usage tips]
public:user_accounts [2021-12-07 15:51] (current)
vesely
Line 3: Line 3:
 ---- ----
  
-Note: For Charles University Central Autentication Services (CAS) please go to [[https://ldapuser.cuni.cz/|https://ldapuser.cuni.cz/]]+{{:public:pasted:20211124-135717.png?60x60}} **The Charles University realm** 
 + 
 +Unified access to central web services for students, staff and external users with single login and password for all services. 
 + 
 +<faicon fa fa-hand-o-right> For Charles University **Central Autentication Services** (**CAS**) please go to [[https://ldapuser.cuni.cz/|https://ldapuser.cuni.cz/]]
  
 ---- ----
  
-**The CERGE-EI realm:**+{{:public:pasted:20211124-140152.png}}**The CERGE-EI realm**
  
 Every faculty and staff member as well as every student are eligible for network and email accounts. These accounts are setup by the network administrator after filling up a simple form by a new LAN user directly at the computer office on the 4th floor, room 409. ** CERGE-EI email accounts are "lifetime" accounts for all alumni, provided they are looked after by users. The size of mailboxes can be extended upon request in justified instances by contacting the Computer Office at [[helpdesk@cerge-ei.cz|]].**. Every faculty and staff member as well as every student are eligible for network and email accounts. These accounts are setup by the network administrator after filling up a simple form by a new LAN user directly at the computer office on the 4th floor, room 409. ** CERGE-EI email accounts are "lifetime" accounts for all alumni, provided they are looked after by users. The size of mailboxes can be extended upon request in justified instances by contacting the Computer Office at [[helpdesk@cerge-ei.cz|]].**.
Line 51: Line 55:
 ==== Password usage tips ==== ==== Password usage tips ====
  
-It's highly recommended to use **strong passwords**, which **does not contain** the __user or company name__, __real name__ or a complete __dictionary word__.+It's highly recommended to use **strong passwords**, which **does not contain**  the __user or company name__, __real name__  or a complete __dictionary word__.
  
-Do **NOT** use the **same password** for multiple logins (e.g. the same password for gmail, facebook, windows domain authentification at work, dropbox etc.): when login credentials of __one of them is compromised__, __all the services__ using the same password should be considered compromised too!+Do **NOT**  use the **same password**  for multiple logins (e.g. the same password for gmail, facebook, windows domain authentification at work, dropbox etc.): when login credentials of __one of them is compromised__, __all the services__  using the same password should be considered compromised too!
  
 It's difficult to remember a whole bunch of complex passwords, therefore it's recommended to use a password manager, for instance [[http://www.lastpass.com|www.lastpass.com]] for online usage or software based for offline usage [[http://keepass.info/|http://keepass.info/]]: you have to remember only one strong "master" password - the others are stored safely in a "vault". It's difficult to remember a whole bunch of complex passwords, therefore it's recommended to use a password manager, for instance [[http://www.lastpass.com|www.lastpass.com]] for online usage or software based for offline usage [[http://keepass.info/|http://keepass.info/]]: you have to remember only one strong "master" password - the others are stored safely in a "vault".
  
-You can even use the **same strong password** for __multiple logins__, just add a __"service identificator"__ - example for gmail would be "sTRONgPassW0rd@gmail", example for facebook could be "sTRONgPassW0rd@FB" - but security is lower than in separate complex passwords..+You can even use the **same strong password**  for __multiple logins__, just add a __"service identificator_ckgedit_QUOT___ - example for gmail would be "sTRONgPassW0rd@gmail", example for facebook could be "sTRONgPassW0rd@FB" - but security is lower than in separate complex passwords..
  
-Make sure you know **how to reset the password** for all of your websites, services, computer accounts you have. In most cases, new password activation link is send to your email filled in during registration. Some services use 2way authentification verification as most banks do, e.g. cell phone SMS.+Make sure you know **how to reset the password**  for all of your websites, services, computer accounts you have. In most cases, new password activation link is send to your email filled in during registration. Some services use 2way authentification verification as most banks do, e.g. cell phone SMS.
  
-If you __accidentally left behind your smartphone somewhere__, **reset immediately** the password for all the services used on the phone - eg. Facebook, email accounts. Attacker could gain access to these services and perform __identity theft__ on you.+If you __accidentally left behind your smartphone somewhere__, **reset immediately**  the password for all the services used on the phone - eg. Facebook, email accounts. Attacker could gain access to these services and perform __identity theft__  on you.
  
-**Encrypt** your entire phone (e.g. Android has already added this feature), encrypt the entire disk of your laptop using windows __Bitlocker__ or __Truecrypt__ version 7.1a max. - newer versions are not considered safe. In case of theft/loss your data are safe because of encryption.+**Encrypt**  your entire phone (e.g. Android has already added this feature), encrypt the entire disk of your laptop using windows __Bitlocker__  or __Truecrypt__  version 7.1a max. - newer versions are not considered safe. In case of theft/loss your data are safe because of encryption.
  
-Passwords should be **changed regularly**. Stronger password could be changed less often, anyway a rules of thumb is: "the __period of password change__ should always be __shorter than__ approx. amount of __time needed to crack it__."+Passwords should be **changed regularly**. Stronger password could be changed less often, anyway a rules of thumb is: "the __period of password change__  should always be __shorter than__  approx. amount of __time needed to crack it__."
  
-**Do not tell a password to anyone**! If you have to tell a password to somebody else e.g. in order to complete an important task, __change it immediately after the usage__ then.+**Do not tell a password to anyone**! If you have to tell a password to somebody else e.g. in order to complete an important task, __change it immediately after the usage__  then.
  
-**Do not send passwords by email!** Emails travel through internet in plain text form and it is relatively easy to capture an email. Better ways how to share a password are __SMS__ or to tell it during a __phone conversation__.+**Do not send passwords by email!**  Emails travel through internet in plain text form and it is relatively easy to capture an email. Better ways how to share a password are __SMS__  or to tell it during a __phone conversation__.
  
-Do not react to the **forged emails** telling you to change your password to some of your accounts somewhere. This social technique is called "**Phishing**".+Do not react to the **forged emails**  telling you to change your password to some of your accounts somewhere. This social technique is called "**Phishing**".
  
-**Do not write** passwords on __piece of paper__, __stickers__ etc.: anybody accessing your table can **abuse them**.+**Do not write**  passwords on __piece of paper__, __stickers__  etc.: anybody accessing your table can **abuse them**.
  
  
  • /var/www/html/dokuwiki/data/attic/public/user_accounts.1635865561.txt.gz
  • Last modified: 2021-11-02 16:06
  • by marp