Good Morning, Colleagues,

    You may recall that last year we started a process to require annual password changes.  We suspended implementation as we tried to develop a better way to integrate with the AD system.  Ultimately, in mid spring semester we realized that that integration was more time-consuming than we'd expected and concluded that we should implement without it for now.

    So we're proceeding with the systems we have in place for supporting and enforcing password changes.

    But, mindful of everyone's concern a year ago about the workload this might generate for Client Services and Distributed Support staff, and about the disruption it might cause some of our clients, we're proceeding with a pilot group of 100 clients initially.  Those clients will receive personalized emails on Tuesday in a form like this:

      
http://www.uvm.edu/ets/projects/password/lockout-email-20090707.html

The following will go up on the ETS web site:

      
http://www.uvm.edu/ets/projects/password/lockout-article-20090707.html

And a simple one-line message will go onto the login pages for myUVM, Webmail, Blackboard, Peoplesoft:

       http://www.uvm.edu/ets/projects/password/lockout-blurb-20090707.html

    The UVM Helpline phone has been updated with password change information to help our customers and verify that the message is really from UVM and not a phishing attempt
.

    I believe we've been very effective in educating the UVM community about password-harvesting scams, and so it's likely many in our community will ignore the email.  We're hoping that they will at least talk with a support-provider they trust, or call the Helpline.  So if you do get calls questioning the authenticity of the email, please confirm that they're talking about THIS email notification (and not some scam) and then reply "yes, you'll need to change your password" and make sure they're using the correct link
(https://www.uvm.edu/account/).

    We'll be using this pilot of 100 clients, broadly distributed across campus but all with very old passwords, to gather information about how to handle this more effectively and efficiently as we scale this up across campus.  As always, your observations and advice will be very much appreciated.

David


--
[log in to unmask]" alt="UVM" align="left" height="60" width="53">

Dr. H. David Todd

Chief Information Officer

University of Vermont

802-656-4900

[log in to unmask]