password

Ellucian COLLEAGUE Password Information

Resources for:
icon Close

Accessing Ellucian COLLEAGUE

COLLEAGUE uses single sign-on protocol for users to login. The login or user ID consists of the first part of the FDU NetID up until the @ sign in the NetID.

For instance, if your NetID webmail address is john.q.public@fdu.edu your COLLEAGUE login ID would be “john.q.public

The password would be the exact same one that you use with your FDU NetID.

Last Modified: Copy Link

How To Change Your FDU NetID Password and Display Name

Resources for:
icon Close

There are a few different ways to change your University NetID password. However, Computing Services strongly urges everyone to change their FDU NetID password using a provided Apple or Windows university computer.

The process for changing your FDU NetID password on a macOS device differs from a Windows device, so please follow the instructions provide for macOS computers below.

If you do not have a university-owned Apple or Windows laptop/desktop and cannot use a University lab computer, please follow the procedures described in “Using identity.fdu.edu Web Portal to Change your FDU NetID Password” below.

Please click on one of the links below for instructions on how to change your FDU NetID password:

Windows: Changing a FDU NetID Password on a University Computer

Note

You must already be logged into the machine when performing the password change process.

  1. On FDU issued laptops, desktops, and lab machines, the FDU NetID password can be changed by pressing the “Ctrl+Alt+Del” button combination on the keyboard from any screen and selecting “Change a Password
  1. Now enter the following:
    • Your old or current password
    • Type in a new password
    • Retype the new password to confirm
    • Press the “Right Arrow” button to continue

Tip

The newly created FDU NetID password must meet the complexity requirements.

Use 8 to 16 characters for your new password. Passwords must include all of the following 4 character types: Upper case letters, lower case letters, numbers, and special characters. Allowed special characters are: ! # $ @ _ + , ? [ ] . – ) ( ` ~ % ^ & * = { } | : ? , / and a dot. Please refrain from using portions of your name or email address within the password. Please refrain from using a password that you have already used.

  1. Once this has been done, you must lock and unlock the machine once to complete updating your password:
    • Press the “Ctrl+Alt+Del” keys combination again
    • Click “Lock
    • Then log back in with your new password

Your FDU NetID password was changed successfully!

Note

Your new password will need to be updated in all web browsers with saved passwords and email clients across all devices. Examples include faculty and staff e-mail accounts synched to their iPad, iPhone, and or Android device. FDU-Secure Wi-Fi network access is also attached to your FDU NetID username and password and will need to be updated on devices that use it.

close
macOS: Changing a FDU NetID Password while ON CAMPUS using a University macOS Computer

Note

You must already be logged into the machine when performing the password change process.

  1. Locate and then select the SSO extension “key” icon on the macOS menu bar
  1. Select “Change Password…
  1. Enter your current FDU NetID password into the “Old Password” field
  1. Choose and then enter a new FDU NetID password into the “New Password” field

Tip

The newly created FDU NetID password must meet the complexity requirements.

Use 8 to 16 characters for your new password. Passwords must include all of the following 4 character types: Upper case letters, lower case letters, numbers, and special characters. Allowed special characters are: ! # $ @ _ + , ? [ ] . – ) ( ` ~ % ^ & * = { } | : ? , / and a dot. Please refrain from using portions of your name or email address within the password. Please refrain from using password that you have already used.

  1. Enter your new FDU NetID password again into the “Verify Password” field
  1. Select “Change Password
  1. When your password change is successful, you will be prompted, “Password change successful.” Click “OK” to confirm

Note

Your new password will need to be updated in all web browsers with saved passwords and email clients across all devices. Examples include faculty and staff e-mail accounts synched to their iPad, iPhone, and or Android device. FDU-Secure Wi-Fi network access is also attached to your FDU NetID username and password and will need to be updated on devices that use it.

close
macOS: Synchronizing your Password on a University Computer

Note

You must already be logged into the machine when performing the password change process.

  1. Launch the Cisco AnyConnect Secure Mobility Client VPN or “FDU VPN” software and connect to FDU’s VPN Service. If you need to install the “FDU VPN” or need instructions on how to launch the VPN Client, please follow the link below before proceeding:
Cisco AnyConnect Secure Mobility Client

Note

You will not be disconnected from FDU VPN after performing the NetID password change.

  1. Locate and then select the SSO extension “Key” icon on the macOS menu bar
  1. Select “Change Password…
  1. Enter your current FDU NetID password into the “Old Password” field
  1. Choose and then enter a new FDU NetID password into the “New Password” field

Tip

The newly created FDU NetID password must meet the complexity requirements.

Use 8 to 16 characters for your new password. Passwords must include all of the following 4 character types: Upper case letters, lower case letters, numbers, and special characters. Allowed special characters are: ! # $ @ _ + , ? [ ] . – ) ( ` ~ % ^ & * = { } | : ? , / and a dot. Please refrain from using portions of your name or email address within the password. Please refrain from using password that you have already used.

  1. Enter your new FDU NetID password again into the “Verify Password” field
  1. Select “Change Password
  1. When your password change is successful, you will be prompted, “Password change successful.” Click “OK” to confirm

Note

Your new password will need to be updated in all web browsers with saved passwords and email clients across all devices. Examples include faculty and staff e-mail accounts synched to their iPad, iPhone, and or Android device. FDU-Secure Wi-Fi network access is also attached to your FDU NetID username and password and will need to be updated on devices that use it.

close
Using “identity.fdu.edu” Web Portal to Change your FDU NetID Password

Adjunct professors, students, and anyone with a personal laptop/desktop/tablet device will use the FDU Identity Web Portal to change their NetID password.

If the user has an FDU issued or owned Microsoft Windows-based machine, they should always follow the procedures in Changing a NetID Password while ON CAMPUS (Preferred Method) or “Changing a NetID Password while OFF-CAMPUS.” Changing your FDU NetID password through the identity.fdu.edu Web Portal while having an FDU issued or owned Microsoft Windows-based machine could cause temporary account lockouts and should only be used as a last resort. If lockout issues occur, please open up a service request with the Fairleigh Dickinson University Technical Assistance Center (UTAC), and they will be dealt with promptly.

  1. Open a web browser (e.g., Google Chrome, Mozilla Firefox, Internet Explorer, Safari) and navigate to the following URL:
  1. Click on “Account Maintenance” on the top right hand of the web page
  1. You will be redirected to the FDU Single-Sign-On login page. Enter your FDU NetID email and password in the corresponding text boxes and click “Sign In.” Complete the FDU 2fa Duo push notification to proceed
  1. Under Sign-In and Security, select “Change My Password
    • Enter your current password
    • Enter a new password
    • Retype your new password to confirm
    • When finished, select “Change My Password

Tip

The newly created FDU NetID password must meet the complexity requirements.

Use 8 to 16 characters for your new password. Passwords must include all of the following 4 character types: Upper case letters, lower case letters, numbers, and special characters. Allowed special characters are: ! # $ @ _ + , ? [ ] . – ) ( ` ~ % ^ & * = { } | : ? , / and a dot. Please refrain from using portions of your name or email address within the password. Please refrain from using password that you have already used.

  1. Password successfully changed” will be displayed if your FDU NetID password was successfully changed

Note

Your new password will need to be updated in all web browsers with saved passwords and email clients across all devices. Examples include faculty and staff e-mail accounts synched to their iPad, iPhone, and or Android device. FDU-Secure Wi-Fi network access is also attached to your FDU NetID username and password and will need to be updated on devices that use it.

close
Using “identity.fdu.edu” Web Portal to Change your FDU NetID Display Name

You also have the option to change the name that gets displayed on your NetID account.

  1. Open a web browser (e.g., Google Chrome, Mozilla Firefox, Internet Explorer, Safari) and navigate to the following URL:
  1. Click on “Account Maintenance” on the top right hand of the web page
  1. You will be redirected to the FDU Single-Sign-On login page. Enter your FDU NetID email and password in the corresponding text boxes and click “Sign In.” Complete the FDU 2fa Duo push notification to proceed
  1. Under Sign-In and Security, select “Change Display Name
    • Enter your New Display Name
    • Click on “Change Display Name
  1. Display Name successfully changed” will be displayed if your Display Name was successfully changed
close
Last Modified: Copy Link

Password Policy

Resources for:
icon Close

Revision Date: 10/1/2016
Original Date: 03/1/2016

With so many threats to your online data, it has never been more important to have a thorough understanding of password security protocols. Towards this end, FDU IT strongly recommends that you familiarize yourself with the information outlined in our Password Policy. You will not only gain an understanding of your responsibilities as a member of our community, but you will also learn helpful tips for password selection and insight into our password construction rules and password change frequency.

I. Overview

1.1 Purpose of Policy

Passwords are an important part of Fairleigh Dickinson University’s [herein after referred to as FDU’s] efforts to protect its technology systems and information assets by ensuring that only approved individuals can access these systems and assets.

FDU recognizes that passwords have serious weaknesses as an access control. For some higher-risk systems, other approved authentication methods that provide higher levels of trust and accountability may be used.

Since most of FDU’s systems continue to rely on passwords alone, this policy is designed to address their weaknesses by establishing best practices for the composition, lifetime and general usage of passwords.

1.2 People Affected

All members of FDU’s student, faculty and staff population as well as all contractors and temporary staff who are approved to access the University’s network and systems.

1.3 People Responsible

The Chief Information Security Officer in consultation with the Data Security Incident Response Team shall be responsible for implementing, changing, enforcing and communicating this policy.

1.4 Structure of Policy

  • Policy schema
  • End users’ responsibilities
  • Help desk operators’ responsibilities
  • System developers’ and administrators’ responsibilities

1.5 Enforcement

This policy will be enforced by technical controls wherever feasible; otherwise, this policy will be enforced by line management.

All members of FDU’s faculty and staff have a responsibility to promptly report any known instances of noncompliance to the CISO.

1.6 Consequences of Noncompliance

Failure to comply with this policy can result in disciplinary action as set out in FDU’s Written Information Security Policy [herein after referred to as WISP].

1.7 Language

In the Responsibilities sections of this policy (3, 4 and 5), the keywords “must,” “must not,” “should,” “should not” and “may” are to be interpreted as follows:

  • “Must” and “must not” mean that compliance with the policy statement is mandatory.
  • “Should” and “should not” mean that compliance with the policy statement is strongly recommended. While these recommendations are not required if technical, operational or business issues make them infeasible, supporting rationale may be requested when audit or compliance review findings cite those responsible for noncompliance.
  • “May” means that compliance with the policy statement is recommended but optional.

II. Policy Schema

2.1 Password Confidentiality

A password can provide effective authentication if and only if it is known only to the individual user. End users will ensure the confidentiality of their passwords at all times. System developers and administrators will ensure that whenever technically possible, systems do not store passwords in clear text.

Administrative processes may necessitate temporary exceptions to this principle, but these will be kept to an absolute minimum.

2.2 Password Construction

Password length and complexity requirements provide resistance to common kinds of attacks. Because of technology constraints, password construction rules may vary from one system to another, but they will meet (or exceed) these requirements wherever possible.

FDU recognizes that long and complex passwords may be difficult for users to remember, and thus, this policy provides guidance to end users on how to construct a memorable password that meets (or exceeds) these requirements.

2.2.1 Password Construction Rules

A password will be made up of:

  • Eight (8) or more characters
  • At least one uppercase letter
  • At least one lowercase letter
  • At least one digit (0 through 9)
  • At least one special character ($, @, # and so on)

A password will not include a single instance of a dictionary word.

Note: The above rule is enforceable only on some systems.

A password will not include:

  • The user’s user ID or email address
  • The name of a group the user account belongs to

A password should not contain anything that is meaningful to the user, such as a name (either real or fictional), a date (such as family birthdays and anniversaries), telephone numbers, postal codes and car registration numbers.

Note: The above is not enforceable on any system.

Additionally, the University is utilizing modeling software that prohibits the use of passwords that are commonly used or appear on compromised lists. If a password meets the construction rules it may be rejected requiring the user to modify the password until it is accepted.

2.3 Password Change and Reuse

Users will be forced to change their passwords periodically in order to minimize the window of opportunity for an attacker who has discovered a user’s password.

A user’s new password will be completely different from any recently used password.

A user will be free to choose a new password at any time. However, performing multiple changes in quick succession to enable continued use of a recently used password will be prohibited.

2.3.1 Password Change and Reuse Rules

A user will change his or her password every 84-90 days depending on the system.

  • Datatel/Ellucian password life is set at 84 days
  • Alpha password life is set at 84 days
  • Windows Desktop/Office365/NetID password life is set at 90 days
  • Others not specifically identified shall be 90 days

Note: The above rule may not be enforceable on all systems.

A user’s password will be different from his or her previous (X) passwords as follows:

  • Datatel/Ellucian: 5
  • Alpha: 5
  • Windows Desktop/Office 365 and NetID: 10
  • Others not specifically identified shall be 10

Note: The above rule is only enforceable on some systems.

2.4 Password Entry

Whenever technically possible, the password field in a login panel will be configured to mask the password entered by a user to minimize the risk of opportunistic observation by another.

A system will allow multiple successive login attempts (“grace logins”). If the password is not correct on the last allowed attempt, the user’s account will be suspended, and the user will have to contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) and open a ticket to resume the account and, if necessary, reset the password.

2.4.1 Password Entry Rules

A system will allow between 5 and 10 failed login attempts as noted below:

  • Datale/Ellucian: 5
  • Alpha: 5
  • Windows Desktop/Office 365/NetID: 10
  • Others not specifically identified shall be 10

Note: This rule is enforceable on only some systems.

2.5 Password Storage

Whenever technically possible, a system will not hold passwords in clear text; it will use an approved irreversible cryptographic transform to protect its users’ passwords.

A system that stores users’ passwords for other systems, and brokers those passwords to those systems on behalf of the user, will use an approved (reversible) encryption algorithm.

III. End Users’ Responsibilities

If you are an end user of FDU’s systems, you have the following responsibilities regarding the password you use on any of FDU’s systems. (See 1.7 Language section for the meanings of the terms in bold type.)

These responsibilities apply even if the system does not enforce any specified rules:

a) You must keep your password confidential at all times.

b) You must not disclose your password to anyone, including FDU’s management and technical support staff, even if they demand it.

c) If this happens, you must escalate to the CISO immediately. You should not use any password that you use on any FDU systems on any external system (including Internet banking and social networking services).

d) You should not write down your password.

e) You should not use the “remember password” feature in any Web browser.

f) You must only use a “password keeper” or “password wallet” software or service that has been approved by policy or otherwise in writing by the CISO.

g) You must choose a password that meets or exceeds the length and complexity requirements set out in 2.2.1 Password Construction Rules section.This is your responsibility even if these rules are not enforced by a particular system. Sometimes, technical restrictions on a system do not allow you to choose a password that meets these requirements. Such systems are enumerated in Schedule [X], along with the password construction rules that apply.

h) You should choose a password that meets or exceeds the other requirements set out in 2.2.1 Password Construction Rules section.A help desk operator, system administrator or other user should never ask you to choose a password that doesn’t meet requirements (g) and (h). If this happens, you must escalate to the CISO immediately.Further, if any help desk operator asks you to change your password on a portal that does not use an HTTPS website with an SSL lock, you should escalate to the CISO immediately.

The following rules, (i) to (l), are enforced on most systems. If the rules are not enforced by the system, you are still expected to comply.

i) You must change your password at least every 90 days.There is no need to access a rarely used system just to change an old password. Most systems will automatically expire the password after 90 days, and you will be prompted to change the password when you next log in.

j) You should not use any of your previous six (5) passwords.

k) You should choose a new password that has no more than four (4) characters in a row in common with your current password.For example, if your password is “anTelope1,” a new password of “anTelope2” is not acceptable, but “anTecede1” is.

l) You should not change your password more than twice in any three (3) days.

Tips for Choosing a Good Password (Advisory)

The length and complexity requirements may appear to make it hard to choose a password that is easy to remember, but it can be pretty straightforward to do so.

A password that meets the minimum length requirement must be rather complex. You can readily construct such a password from the initial letters of a favorite quotation, song lyric, poem and so on, capitalizing some letters, and substituting a number or special character in an appropriate place.

For example:

  • Ww1dwysm — What would I do without your smart mouth?
  • Itwbtd2A — In the week before their departure to Arrakis.

A “very long” password can be relatively simpler. Choose three simple words, capitalizing some letters, and link them with a number or special character.

For example:

  • gorilla8banana@SanDiego

IV. Help Desk Operators’ Responsibilities

If you are an FDU IT technician or a system administrator providing support normally done by the help desk, you have the following responsibilities regarding users’ passwords on any of FDU’s systems that you support. (See 1.7 Language section for the meanings of the terms in bold type.)

a) When a user asks you to reset his or her password, you must corroborate the user’s claimed identity in line with approved procedures in Appendix A.

b) You must not disclose a user’s new password to anyone other than the user himself or herself.

c) You must not write down a user’s new password.

d) You must not send any new password to a user electronically.

e) You must not ask any user to tell you his or her password.

V. System Developers’ and Administrators’ Responsibilities

If you are a system developer or system administrator, you have the following responsibilities regarding the passwords used on any of FDU’s systems that you own, develop or maintain. (See 1.7 Language section for the meanings of the terms in bold type.)

If compliance with (a), (c), (g), (h), (i), (j) or (k) is not technically feasible because of system constraints, contact the CISO to agree on and document the exception.

a) You must configure each system to require that any user’s password meets the length and complexity requirements set out in 2.2.1 Password Construction Rules section.

b) You should configure each system to require that any user’s password meets as many of the other requirements set out in 2.2.1 Password Construction Rules section as are technically feasible.

c) You must configure each system to force a user to change his or her password every 90 days.

d) You should configure each system to prohibit a user from using any of his or her previous five (5) passwords.

e) You should configure each system to prohibit a user from choosing a new password that has more than four (4) characters in a row in common with his or her current password.

f) You should configure each system to prohibit a user from changing his or her password more than twice in any three (3) days.

g) You must configure the password field in a login panel to mask the password entered by a user to minimize the risk of opportunistic observation by another.

h) You must configure each system to allow 5 successive login attempts (“grace logins”). If the password is not correct on the 5th attempt, the system must suspend the user’s account such that the user will have to contact an administrator to resume the account and, if necessary, reset the password.

i) Passwords must be implemented in the strongest form the system supports and supports the intended business function. You should implement a cryptographic transform to protect the passwords of the users on each system

5.1 Requirements for Third-Party Systems

All mandatory requirements noted in this section (that is, those denoted by “must” or “must not”) constitute part of the minimum security specification for third-party system software that FDU acquires and implements. That is, it is essential that system software enables system developers and administrators to fulfill these responsibilities.

If a third-party system cannot meet the minimum security specification, contact the CISO to agree on and document the exception.

All optional requirements noted in this section (that is, those denoted by “should” or “should not”) constitute desirable features of third-party system software.


Last Modified: Copy Link

SAMI Support Public Request Form

Resources for:
icon Close

SAMI Support requires a valid NetID and password, as well as DUO multi-factor authentication in order to access. Once the portal is accessed, you have the ability to generate a new ticket, review existing or closed tickets & view the IT Knowledgebase for information that can assist you with resolving problems. The SAMI Support Portal can be accessed by using the button below:

SAMI Support Portal

If you need to open a request and cannot access SAMI Support for any of the reasons below, please complete this request form or contact the Fairleigh Dickinson University Technical Assistance Center (UTAC). A member of the IT support team will assist you via phone call or email.

  • I do not have a valid University issued NetID
  • I am not able to authenticate through DUO
  • I have not set up my DUO account
  • I am a vendor without a University issued NetID
  • I am an admitted student
  • I am a newly hired employee or adjunct
  • My FDU account is locked
  • I need my Net ID password reset and have already attempted to do that through identity.fdu.edu

Note

The form below is not compatible with dark mode. For an optimal experience, disable dark mode either in your device’s system settings or directly from the FDU IT website.

SAMI Support Public Request

Last Modified: Copy Link

Sending an Encrypted File Using Email

Resources for:
icon Close

According to FDU’s Written Information Security Program (WISP), in no case should they be sending or storing WISP protected information without the explicit authorization of the Chief Information Security Officer (CISO). If approved, these instructions will provide you with guidance on the methodology.

Instructions for Windows

If you do not have a university issued laptop or desktop, you must download and install 7-Zip on your computer in order to proceed with the instructions. Please follow the following steps in order to download and install 7-Zip on to your personal device:

  1. Download 7-Zip:
  1. Launch the 7-Zip installer “7z1900-x64.exe” or “7z1900.exe

NOTE: The Installer file name may change as newer versions are released.

  1. Click “Yes” if asked to run an unknown app from User Access Control
  2. Click “Install” on the setup screen
  1. 7-Zip will now install, when completed, click “Close

Preparing an Encrypted 7-Zip File

  1. Single “Right” click on the file
  2. Highlight “7-Zip
  3. Navigate and “Left” click on “Compress and Email…
  1. Change Archive Format to “ZIP
  1. Enter and Retype a password in the “Encryption Section” and check the box to “Encrypt file names
  2. Change the Encryption Method to “AES-256

NOTE: The password must be a complex password that contains the following:

  • At least one capital letter
  • At least 2 numbers 0-9
  • At least 1 special character (%, ^, &, ! , @ , !, ….)
  • Be at least 8 characters long
  1. Click “OK

NOTE: A progress bar will open to encrypt and zip the file. Depending on the size of the file, this may take a few minutes.

  1. An email message to compose your new email with the compressed and encrypted file will appear
  1. Address and compose your email as desired

CAUTION: Never send an email that contains both the password and file together. These must be sent separately.

  1. Compose and send a separate email, or place a phone call, to the receiving parties which contains the password for the compressed file for them to read

NOTE: Without the password, the receiving party will not be able to open and view the file.

Opening an Encrypted 7zip File

  1. Open the email that contains the encrypted file
  2. Click the arrow “V“’ and select “Save As
  1. From the saved location open the encrypted file
  2. Enter the password provided to you from the sender

Once the password is entered correctly, the enclosed document will then load, and you can make any changes and save inside the protected file. If needed, the file can be returned to the sender with needed information.

NOTE: The Archive Window must not be closed if making any changes that need to be saved.

IMPORTANT: After the document is no longer needed, the encrypted file should be SECURELY DELETED from your hard drive. At no time should this be saved for later use.

Instructions for macOS

  1. Download Keka:
  1. Open Keka Preferences and check the box next to Use AES-256 when encrypting ZIP files (less compatible)
  1. Set a password for the file
  1. Drag your file onto Keka to compress and encrypt. The encrypted file will be placed next to the original file
  2. If you need to extract an encrypted file, simply drag it onto the Keka window and enter the file password in the prompt. The file will be extracted in the same location as the original
Last Modified: Copy Link