[USER]Student's Accounts and Data Security

Contents

Accounts
Safety of Accounts, How to Change a Password
File Security
Forwarding of Student e-mail

Accounts

All students are assigned several computer accounts identified by login name and password. All accounts managed by faculty use the same login name beginning with letter 'x' followed by first 5 characters of user's surname and finished by 2 distinguishing characters, e.g. xsmith12. All accounts have the same original password which should be changed for security reasons. However passwords of these accounts are independent so you should change all of them.

Which accounts are used?

  • Unix account - this is main account used for authentization with faculty operated services. It's used to access FIT's information system, central authentization to protected web services, access to e-mail servers etc. The change is propagated within a few minutes. This account is valid through whole period of your study. You may create personal web pages with address http://www.stud.fit.vutbr.cz/~xsmith12 and use e-mail with address xsmith12@stud.fit.vutbr.cz.
  • Connecting to network. Login name is the same but the password is intentionally different. This password is stored in an open form and it's use is less secure, e.g. it may be stored in notebook for automated connection to network. This password is generated by FIT IS and may be changed any time. The change becomes valid immediately.
  • University information system login - VUTlogin. Together with VUTpassword it's used to authenticate with university level applications. Certain applications may use VUT PIN instead, e.g. VPN, WiFi and OPAC library catalogue.

    All university level applications should accept both VUT login and personal ID (printed on your student ID card). VUTlogin is completely independent on faculty login.

  • Rights and duties for utilizing the student accounts are described in the Guidelines for the Usage of the Brno University of Technology Computer Network which are obligatory for all faculties and workplaces of the Brno University of Technology.

    PhD Student Accounts

    Ph.D. students should follow the same rules. Those working for faculty are assigned another staff account. Student account is then used for their own study affairs.

    Account Safety, How to Change a Password

    An account may be used only by the user with exclusive rights for the account. It is not allowed to grant the account (password) or computing facilities to other person. Moreover, users must avoid such situations when password can be revealed - either by using such password that can be easily derived or recording the password.

    When creating a new password following rules should be followed:

    • The password must not be shorter than 8 characters. Some Unix systems identify the first 8 characters only, therefore it is necessary to use such passwords which consist of 8 characters exactly.
    • Username, surname and any other name should not be used.
    • Words from a dictionary should be avoided.
    • Do not use an identity number (passport, identity card, date of birth, etc.).

    The Unix password are changed by passwd command, in Windows 7 press CTRL+ALT+DEL, choose Change Password. When changing the password, check whether the Czech keyboard is off - otherwise the password will consist of characters that may not be entered again.

    In case you've forgotten your password, please follow these rules.

    A password will be changed after the identity of the person is verified (it is verified whether the user is entitled to use the account). To verify the identity, the student card or any other identification card with photo can be used.


    File Security

    It must be always assumed that your files can be read from anywhere on Internet. The Administrators take a big effort to avoid it, but in the field of safety it is always necessary to expect the worst possible situations. What can you do for your data safety? The list of activities starting with the most safe methods to the least safe ones is described below:

    1. Do never store confidential data in the computer!
    2. Process confidential data on the computer, copy the data to the removable media and delete the data after you finish your work!
    3. Encode data with pgp command!
    Access rights of your files should be set so they cannot be read by other users (in Unix the chmod og-rw file command can be used, in Windows right-click the file, choose Properties->Security). And keep your password in secret.

    Your IPv4 address: 54.80.33.183
    Switch to IPv6 connection

    DNSSEC [dnssec]