Students required to update CNet passwords

Students who have not changed their CNet passwords within the past 12 months are now required to do so, as part of an ongoing initiative of the University of Chicago’s IT Services office to improve information security.

IT Services emailed some 6,000 students this week as part of its CNet Password Refresh Campaign, urging them to choose a new password by the deadline assigned to them beginning now through April 13.

“Changing your password regularly is easy to do and is an effective element of managing risk to your personal information,” said Tom Barton, senior director for IT architecture, integration and security and chief information security officer.

Barton advises using strong passwords and changing them at least once a year. As an alternative, he suggests students consider using a “passphrase,” a string of words or a short sentence that is easily remembered by the user but difficult for a hacker’s computer to figure out.

“Weak passwords, especially ones that haven’t been changed for a long while, can be exploited to access your personal information and to impersonate you while accessing important University research and resources,” Barton said.

Students can change their passwords by following instructions on the CNet Password Change information page. They are asked to update passwords on all personal devices, including smartphones and tablets. Those who fail to comply by the assigned deadlines will lose access to their CNet accounts and be required to go through a recertification process.

“Security is all about managing risk,” Barton said. “You can’t eliminate it, you just keep trying to do a better job of minimizing it.”