Acceptable Use

The Wellesley College Acceptable Use Policy applies equally to machines maintained by the Department of Computer Science. Please make sure you have read and understand that policy. If you have any questions, please contact us at The CS-SysAdmin name works in Wellesley Gmail.

Password Warning

Also, you should know that your password protects not just your own account, but the machine as a whole. Therefore, even though you might not care about having a good password (because your account doesn't contain anything you care about), we care. If your account is broken into by some nefarious hacker, the hacker can use it to attack other accounts and machines. Think of it like having a key to your dorm: if you leave the door unlocked, someone can get in to attack your friends and use your room as a base of operations.

We will be taking steps to protect the security of our computers, including testing passwords. If we find that your password is weak, we will ask you to change it to a better one. If you don't, we will have to lock your account. We do this not to be nasty, but because we have a responsibility to protect all the users on the machine. If your account is locked due to a bad password, you will receive an email (to your Wellesley mail account) telling you of the problem and directing you as to how to change your password. Until you resolve the problem, your account will be unusable. If this prevents you from finishing classwork, you'll have to talk to your professor about the consequences.

Basic Password Advice

Most people know the general rules for making a good password; the trouble is that good passwords are usually more work than bad ones, and we all get lazy. Here is some advice on choosing a good password:

Additional Password Advice

The following password advice is quoted from the "man" (user manual) pages on a Linux machine. It's good advice that has stood the test of time. Your password not only protects you, it protects the machine as a whole, so it is an important "civic virtue" that you choose a good password.

Remember the following two principles

Protect your password.

Don't write down your password -- memorize it. In particular, don't write it down and leave it anywhere, and don't place it in an unencrypted file! Use unrelated passwords for systems controlled by different organizations. Don't give or share your password, in particular to someone claiming to be from computer support or a vendor. Don't let anyone watch you enter your password. Don't enter your password to a computer you don't trust or if things seem odd. Use the password for a limited time and change it periodically.

Choose a hard-to-guess password.

The system will try to prevent you from choosing a really bad password, but it isn't foolproof; create your password wisely.

Don't use something you'd find in a dictionary (in any language or jargon). Don't use a name (including that of a spouse, parent, child, pet, fantasy character, famous person, and location) or any variation of your personal or account name. Don't use accessible information about you (such as your phone number, license plate, or social security number) or your environment. Don't use a birthday or a simple pattern (such as backwards, followed by a digit, or preceded by a digit.

Instead, use a mixture of upper and lower case letters, as well as digits or punctuation. When choosing a new password, make sure it's unrelated to any previous password. Use long passwords (say 8 characters long). You might use a word pair with punctuation inserted, a passphrase (an understandable sequence of words), or the first letter of each word in a passphrase.

These principles are partially enforced by the system, but only partly so. Vigilance on your part will make the system much more secure.

You should remember your password (try to memorize it). If you do forget, no one can tell you what it is, because nothing on the system records that information. However, the system administrators can reset your password, should you happen to forget it.