New Email, New Password
With Brown's migration to Google Apps for Education (GAE), password awareness and management will change. Unlike Brown-hosted email, which required the same username and password for a variety of Brown systems (e.g., Banner, MyCourses, and MyAccount), GAE will have its own separate login ID and password, allowing you access to the entire Google suite of educational applications, such as calendar, chat, docs, and collaboration sites.
Note: Your GAE login ID, or username, is the same as your NetID, i.e., in the form of FirstName_LastName. Also, your GAE credentials are NOT the same as those for a personal Gmail account.
Many may want to keep separate passwords for the two environments. Google allows increased password strength with its capacity to handle a higher maximum number of characters, and also includes all the usual complexity rules of upper and lower case, numbers, and special characters. While there is no restriction on keeping two separate passwords, if you choose to utilize the same password for both, you are strongly urged to make your password stronger by increasing its length and complexity.
To make this simpler for you, ISG recommends that you create a password that is both long (12-14 characters) and complex (a mix of upper and lower case, with numerals and special characters included), and use it for both your Brown and GAE password. However, you should only use the same password if it is both complex and a minimum of twelve characters.
This provides the benefit of only needing to remember one password. The more difficult the better, and while it may be cumbersome at first, complex passwords become second nature to type in after only a short period of time.
ISG also recommends that you:
- Do not use dictionary words, English or otherwise.
- Do not use personal information, especially dates such as your birthday!
- Use a variation on a pass-phrase that is meaningful to you so it's easier to remember. For example, the phrase "A penny saved is a penny earned" could be turned into this strong password: pnEs8vD=rNd!
- Use a random password generator, such as this one (allowing you to control the criteria of the various values), if you can't think of a strong password.
Regarding password support and resets:
- When you activate your new GAE account, you will be forced to reset from the initial password provided.
- Password resets for GAE will now be done in Google, not in myAccount as before.
- You will continue to use myAccount to manage the password you use when accessing sites protected by WebAuth and to log into MyCourses.
- The office of Computing Accounts and Passwords (CAP) will support password resets for both GAE and Brown server accounts.
Finally, with this and other communications about passwords, it's good to remember that CIS would NEVER ask for your password. Emails that ask for your login information are only "phishing"; for what they get.
For example, the Help Desk recently received reports of emails from "brown.edu support" warning about mailbox changes. This particular phish sent "instructions" to follow. If you receive anything like this, do NOT open the attachment, which could contain malware that could infect your computer. Simply delete the message. Here is that example, described in news articles such as in ComputerWorld magazine, and on Microsoft's site:
From: brown.edu support [mailto:firstname.lastname@example.org]
Sent: Wednesday, May 05, 2010 4:56 AM
To: Last, First
Subject: setting for your mailbox email@example.com are changed
SMTP and POP3 servers for firstname.lastname@example.org mailbox are changed. Please carefully read the attached instructions before updating settings.