Safeguarding Your MCPS Accounts
In case you missed it, the February 2020 issue of MCPS IT Wire included a story with valuable information on the dangers of sharing account credentials. It is reprinted below.
It is critical for all MCPS employees to keep their usernames and passwords safe and secure. One of the primary behaviors that should always be avoided is sharing usernames and passwords with colleagues, supervisors, friends, or family. While it often feels more convenient to share your account credentials with someone, the convenience never outweighs the risk. Consider the following:
- All accountability for actions performed on your MCPS-provisioned accounts, including inappropriate behavior, remain attributable to you.
- Once a password is shared, it may be shared further than you originally intended, and could ultimately be shared with someone who uses your account inappropriately.
- Your MCPS username and password combination gives you access to numerous MCPS platforms that store your sensitive information, including paystubs, taxes, benefits, retirement, and more. Sharing your credentials with others gives them access to this information about you.
- We often use the same password, or similar iterations of a password, on various platforms outside of MCPS, such as banking, social media, or other sensitive accounts. Compromising your MCPS password may compromise your personal passwords as well.
- If you use personal information as your password, such as your birthday, childrens’ birthdays, your address, or your social security number, sharing your password will give others this personal information about you.
- When using a public computer or on a public network, consider that these machines or networks may be infected with malware that are designed to hijack your username and password.
Sharing your MCPS account credentials not only compromises data security, but it is also a violation of MCPS Regulation IGT-RA, User Responsibilities for Computer Systems, Electronic Information, and Network Security.
Best Practices for Strong Passwords
- Log in to your accounts only from a device and network that you trust.
- Don’t use birthdays, addresses, social security numbers or other sensitive personal information as passwords.
- Focus on using a passphrase over a password, such as “Cantwaitforchristmas2019!” instead of “S4ntA!*#01.” A long passphrase is easier to remember and surprisingly much more complex.
- MCPS will never ask you for your password. If someone asks you for a password, do not share it, and report the incident to the Help Desk immediately.
Reminder about External Emails
When you receive an email, please note whether the email is from another MCPS employee or from someone outside of MCPS. Emails from outside MCPS are notated by an [EXTERNAL] prefix in the subject line and in a banner at the top of the email. Never click links from an external source unless you can verify and trust the sender.