Holidays Come - Passwords Go
The holiday season is approaching and with it, the best chance of losing your password!!
_image.jpg?subformat=icon)
If you are keen to access your CERN mailbox or other computing facilities at CERN from the Internet café at your hotel, hold on and think twice. Is that local PC trustworthy? Most likely it is not. It might never have been patched, and, thus, has been infected by plenty of computer viruses long time ago. Worse, nasty people might have installed tools which aim at stealing your password once you type it. Therefore, it is better to use your own laptop or mobile phone for such activities. If you decided to connect to CERN from an untrustworthy computer and had typed in your CERN password there – please seriously consider changing your CERN password at http://cern.ch/account as soon as you have access to a trustworthy computer.
However, also take care when using your own laptop or mobile device: wireless communication can be intercepted. Many wireless access points, e.g. at airports, do not encrypt and protect network traffic by default. When you access sensitive webpages like your CERN mailbox, your bank account, or your Facebook profile, you have to ensure that you use encrypted protocols. For example, look for a “HTTPS” in your browsers address bar (and avoid “HTTP”). If you connect directly to CERN mail servers, however, you are safe: these accept only encrypted connections.
Finally, take care on your laptop. Thousands of laptop get lost per year at international airports, not to speak about those which got stolen. If this is not bad enough, losing a CERN laptop which holds sensitive or confidential documents can become embarrassing to the organization. Either encrypt your data or consider leaving such a laptop at home. Recall, losing a laptop with confidential CERN data might be considered to be a professional fault…
Happy holidays! Enjoy!
If you have questions, suggestions or comments, please contact Computer.Security@cern.ch or visit us at http://cern.ch/security.
