Mandatory Reset by 1 p.m. EDT, Aug. 25 2010
This weekend, a JLab user account was compromised. That account was then used to send e-mail to a large number of JLab users and staff, soliciting usernames and passwords. Unfortunately, a number of people responded and sent their information to a .com site, compromising their accounts.
At this time, the Computer Center does not know for sure which or how many JLab accounts have been compromised. As a result, a mandatory password change is required.
You have until Wednesday, 1 p.m. 25-Aug-2010 EDT (5 pm 25-Aug-2010 UTC) to change your password.
If you let your password expire, you will no longer be able to log in to any Jefferson Lab CUE system. This includes all central interactive, batch, desktop, e-mail, calendar and web systems.
Only JLab passwords that have been changed after 1 p.m. 23-Aug-2010 EDT (5:00 pm 23-Aug-2010 UTC) are exempt from this directive.
To change your password on-site or off-site, use the web interface at https://cc.jlab.org/passwords.
The password policy is explained at: http://cc.jlab.org/policies/PasswordRules.html.
Please remember, the JLab Computer Center will NEVER direct you to a site that does not end with jlab.org domain link for changing your password.
In addition, you should always check the validity of such a message BY MOUSING OVER ANY INDICATED LINK to verify that the URL shown at the bottom of the e-mail and/or browser is the jlab.org domain link.
Please forward any suspicious e-mail to firstname.lastname@example.org with all headers if possible.
Thank you for your understanding in this matter. Please contact the Computer Center Helpdesk at email@example.com if you need further assistance.