|
Briefing
ID #: 24723
ALL EMPLOYEES: ITS - Tips for Transitioning to the New Password Format
Category:
|
|
|
|
|
Audience:
|
All
Employees
|
|
|
|
|
Due
Date:
|
n/a
|
|
Meeting
Date:
|
n/a
|
|
|
|
|
Attachment(s):
|
_PW_Management_April_2019.pdf
|
The purpose of this briefing is to provide tips and best practices for users
transitioning to the new 12-character password format which became available on
March 1, 2019.
ITS implemented a new password format in response to multiple audit findings
and to begin aligning the District with the National Institute of Standards and
Technology guidelines regarding passwords. Please note the following:
- The
New 12-character Dadeschools (network) Password:
- Will never expire.
- Must include the following:
- Minimum of 12 characters with combination of letters,
numbers, and special characters
- Include at least one upper case and one lower case
letter; at least one number, and at least one special character (e.g. ! @ # $ % ^ & *).
- Will be different from the 8-character mainframe
password.
- DSIS users will have two different passwords:
- a 12-character password for Dadeschools
(network) login which never expires and
- an 8-character password for the mainframe which will
never expire.
- Tips
for Using the M-DCPS Password Management App:
- The new M-DCPS Password Management tool (formerly
known as P-Sync) will require all users to register and complete a new
profile by answering four personal security questions.
- Follow the instructions on the attached user guide.
- Log into the M-DCPS Password Management app at www.dadeschools.net/employees.asp
with your current Dadeschools password.
- Complete four security questions. Then click the
house icon to return to the Password Management homepage.
- Click "View/Update Profile" to update your
user "Attributes."
- This section allows you to enter your mobile phone
number and provider (e.g. Sprint, Verizon, ATT).
- Adding a mobile number will allow you to request
a four-digit PIN via text message that will grant you access
to the system to reset your password. Using this functionality will
allow you to reset your password without a HEAT ticket.
- Users with mainframe access must reset both their Dadeschools and mainframe passwords when creating
their new profiles.
- Password Management refers to the two passwords as
"target systems" to reset.
- You will need to reset both passwords when creating
your new profile.
- Should you desire to change one of your passwords in
the future, select the desired target system to reset either your Dadeschools or mainframe password independently.
- Users who are revoked from the mainframe may request
a mainframe password reset from their Principals. Please see Weekly
Briefing #23554 for details.
- Tips
for Creating Passwords:
- Passwords should be easy for you to remember and
difficult for others to guess.
- Protecting Your Password:
- Some of the easiest account hacks involve automatic
password guessing using ordinary words from the dictionary.
- Do not use your Dadeschools
password for other online accounts. If an online account password is compromised, this
means that any other account using the same password is vulnerable.
- Your Dadeschools password
controls access to some of your personal information.
- Many people talk about the topics covered in the
security questions in their password profile with friends, colleagues,
or students, and unknowingly provide them with the information needed to
change their password.
- Tips
for Remembering Passwords:
- A meaningful password combination can be derived rom the first letter of each word of your favorite
song/poem/book/movie/nursery rhyme, etc.
- For example, "Jack and Jill went up the hill:
- Taking the first letter of teach word yields the
following: JaJwuth.
- This example already meets the requirement to use at
least one capital letter.
- Special characters can be added before, after, or in
between letters: JaJwuth#.
- Do not reuse passwords across multiple sites;
individualize a password by adding additional characters before or after
a meaningful password combination or passphrase that related to the site:
- JaJwuth#K-12
- In this example, the "K-12" added at the
end of the password base indicates that
this is related to the user's Dadeschools
password.
- The resulting password, JaJwuth#K-12, would take approximately
34-thousand years to crack, according to Dashlane
Password Manager.
- Please do not use this specific example as your
password!
- Users
are encouraged to migrate to the new 12-character, non-expiring password
prior to the end of the school year.
- Submit
questions about this information via Self-service at