You might have seen the story in yesterday's WSJ about a ring of
computer-hacking students at Stoughton HS. Three or so kids got teacher
passwords, went into their SASI records, and changed grades for
"customers"--about 30 other students.
It could happen here, too, if we're not careful. If a student finds out your
passwords for system access, e-mail, or SASI, he can access your files, read
(and write!) your mail, and possibly change your grades. Here are steps you
should take to stop kids from learning your passwords:
1) Change your passwords often. Use passwords that are easy for you to
remember but hard for students to guess, or to pick up by watching you type.
There's an icon on the desktop that lets you change passwords for Windows, and
a button on the SASI logon screen that lets you do it in SASI. It's kind of a
pain, but it's the best assurance that no one can have ongoing access to your
files.
2) Allow only trusted students to work at your computer. A bad seed can
install keylogging software on your computer in about 15 seconds, and
intercept your passwords the next time you type them. It would take
determination but not much technical expertise to pull this off.
3) Don't open suspicious e-mail attachments--this is another way someone
could surreptitiously install a keylogger on your computer.
4) Make sure no one is in your classroom when you aren't. (see 2 above)
5) Don't tell any student your password, or let them see you type it.
6) Don't walk away from your computer without logging off.
Unfortunately, the vulnerability we're fighting is an inevitable result of the
way we identify ourselves to our computers. Anyone who can type the right
string of 5-14 characters can convince the system that they are you.
Coming-soon technologies like card scanners and fingerprint readers will be
harder to spoof, but for now our best defense is vigilance.
Call or write with any questions.
--Bill Herman
Bill Herman | Technology Director | Monona Grove School District
608-221-7666 x2251
|
|