Unfortunately, it is extremely difficult for UITS to know who is trying to access your account if the individual responsible is using your username and password. However, as long as you keep your password secret and change it frequently, your account should be safe.
Many people report security breaches to the Support Center erroneously, often due to a misunderstanding regarding the recorded time of their most recent login. This can be due to a system's use of the 24-hour clock, or even Greenwich Mean Time (GMT) instead of Eastern Standard Time (EST).
On the other hand, you might see something like: Last unsuccessful login for dvader: Fri Dec 14 12:35:24 2004 on ttyq1 The word "unsuccessful" means that someone has attempted to use your username to log in, but used the wrong password. In combination with the time of the "Last successful login" message, you may be able to determine whether someone succeeded in guessing your password.
Sometimes people make typing mistakes, maybe adding or omitting a letter in their usernames when logging in. For example, jxsmith might erroneously enter jsmith when prompted for a username. The next time the real user jsmith attempts to log in, it will appear that someone has attempted to log into that account. In this case, jxsmith was not attempting malicious or illegal behavior, but rather is guilty of simple human error.
If you suspect that someone has guessed your password and logged into your account:
1. Change your password immediately.
2. Then, report the following information to it-incident@iu.edu :
* Which account(s) you believe was/were broken into, including your username and system, e.g., dvader on Steel
* The time(s) that you believe your account was compromised
* Why you think your account was compromised
Note: Do not include any names of individuals you suspect may have accessed your account(s). The Information Technology Security Office (ITSO) at IU will request this information if it is needed.
For maximum security, please change your password frequently. Also, remember that it is against IU policy to share your password or accounts with others
No comments:
Post a Comment