June 21, 2011

Information Technology Services Urges Stronger Passwords to Thwart Hackers

Last week, several educational institutions, including Vanderbilt, were targeted by Lulz Security, or LulzSec, in an attempt to obtain user names and passwords.

Lulzsec is the group responsible for hacking into Sony, Nintendo, the CIA and the U.S. Senate sites recently. While ePasswords were not targeted, other systems that contain e-mail addresses, user names and passwords were targets. While Vanderbilt enforces strong passwords for the ePassword, some sites, even those containing sensitive information, do not require strong passwords.

Vanderbilt encourages all in its community to consider strengthening passwords used on all sites on the internet. Take care not to reuse user names and passwords across sites.

These include passwords used for gaming and social networking sites such as Facebook, as well as personal e-mail sites such as Gmail or Yahoo. Passwords need to be sufficiently complex to help thwart hacking attempts.

Solid passwords are those that cannot be guessed easily, and contain words that cannot be found in a dictionary. Including special characters, numbers and upper case characters will help protect your password from being hacked. Never use your VUnet ID and ePassword on systems outside Vanderbilt.

Vanderbilt is taking steps to enhance security in addition to reminding users to change and strengthen their passwords. Vanderbilt is committed to online safety and we ask the community to take this opportunity to review accounts and passwords used at Vanderbilt and on the Internet.