Search Google Appliance

Passwords grant access to online IT resources such as a bank account, computer, email, or a server on a network. Passwords are designed to limit access to only those individuals who are authorized. In this way, they help protect your privacy and identity. The strength of your password is an important factor to consider. If passwords are guessed or stolen, someone logging in under your identity could possibly cause problems with your credit, reputation, or with MIT's resources.

If you have a hard time remembering all of your passwords, LastPass Enterprise is a password management system that removes the inconvenience of remembering all of your passwords and increases security.

Kerberos passwords

Your MIT Kerberos username and password authenticates you before giving you access to various MIT web services such as the online email and calendar and secure wireless network.

Updating your password

It is a good practice to change your Kerberos password on a regular basis, at least once a year. A good time to change it is around the certificate renewal period in the summer.

If you haven't changed your password in a while, before you do so, refer to this article on strong passwords. It offers guidelines on picking a new password.

Keeping your password safe

MIT's network is under constant and heavy attack from automated password crackers running against MIT's authentication systems. It is important to protect your password by:

  • Signing up for the (free) LastPass Enterprise password management system.
  • Changing your password at regular intervals.
  • Having a strong password.
  • Never telling anyone your password or hinting at it, not even to friends, colleagues, system administrators, and account managers.
  • Picking passwords you can remember and don't need to write down.
  • Locking your screen or logging out when stepping away from a computer, especially in a public area.
  • Using a temporary password when using a public computer or a public network to access confidential information.
  • Ignoring requests by websites or browsers to "remember" your password.