Users don’t need to know everything. In fact, most users might never completely understand the complex structure of a network and how network security is organized. Nevertheless, providing users with some basic knowledge of the security process can help them immensely and, hopefully, reduce your trouble calls!
To that end, I prepared a document for my users to explain how security matters are handled on my system. (Keep in mind that before I started disseminating this information to my users, my employer had NO security measure in place.) My user-base is technically challenged, so I tried to present the information in as simple a manner as possible. Please feel free to borrow this format and adapt it for use in your shop.
Introduction to network security
To all end users: We need to do a better job of keeping our network secure. The following information provides the steps you need to log on to the network successfully. Keep in mind, when I say “network” I’m referring to Windows NT. You’ll know you’re logging onto Windows NT if the first box you see when you turn on the computer says “Press CTRL+ALT+DEL to log on.” (This documentation does not pertain to the mainframe users.)
Network Security is composed of three areas:
- Intruder detection
- Logon restrictions
- Password restrictions.
Intruder detection was developed to prevent an unauthorized user from guessing your password. Logon and password restrictions are used to ensure users change their passwords regularly, use unique passwords, and connect to only one computer at a time.
In addition, password restrictions give users the ability to use “grace logons,“ which are the number of times a user can log on with an expired password. For example, suppose you log on to the network, and the computer advises that your password has expired and four grace logons remain.
The system is telling you that you have four more logons until the computer locks you out. Once the remaining grace logons equal zero, a network administrator will have to intervene to allow network access.
Table A describes the Network Security Settings. Please review this table and make yourself familiar with the rules and regulations for passwords and logons.
|This table describes the rules that govern access to the network.|
What to expect?
The first time the computer does something out of the ordinary can be confusing. Here is what to expect during logon when your password expires:
- After logon, the system advises that your password has expired and you have five grace logons to change your password. “Would you like to change it now? Yes or No.”
- Click Yes.
- Enter your new password. (Consult the section labeled “summary of rules” for passwords below.)
- Reenter the password.
- Click OK, and the computer will take a minute and then update your security profile.
Manually changing your network password
Changing your network password is an essential element for network security. The following procedure documents the process of changing your password manually before the server forces a change. Complete this procedure any time you feel your password has been compromised:
- After logging onto the network, Press CTRL+ALT+DEL
- The NetWare Security Dialog Box will appear.
- Left Click on “Change Password”
- The Change Password Dialog Box will appear.
- Enter your old password and press [Tab] on the keyboard.
- Enter your new password and press [Tab] again.
- Confirm your new password and left click on OK.
- A dialog box will report that your password was successfully changed.
If you have any problems with changing your passwords, please contact your network administrator or I/S helpdesk.
Summary of rules for passwords
The following network access rules must be followed:
- Passwords must be at least five characters in length. A mixture of numbers and letters provides the greatest security; however, this is not required.
- Passwords must be unique. You cannot use the same password twice.
- Passwords will be changed every 60 days. The computer will prompt you and allow for grace logons. Please change your password as soon as the prompt appears.
- If you attempt to access the network with the wrong password (five times) the server will lock you out for 15 minutes.
- If you attempt to access multiple computers at once, the server will not allow access.
- Network passwords are sacred. If compromised, change immediately.
Review of the common error messages
If you receive an error message when you’re logging on or changing your passwords, don’t panic. Just take a deep breath, read the screen, and try again. Refer to Table B for a description of the most common error messages.
|Here are some of the most common error messages you’ll see on logon.|
If you’d like to comment on this article or share your own approach to keeping users up to speed on network security, please post a comment below or follow this link to write to Jake .