Mandatory Reset by 1 p.m. EDT, Aug. 25 2010

This weekend, a JLab user account was compromised. That account was then
used to send e-mail to a large number of JLab users and staff,
soliciting usernames and passwords. Unfortunately, a number of people
responded and sent their information to a .com site, compromising their
accounts.

At this time, the Computer Center does not know for sure which or how
many JLab accounts have been compromised. As a result, a mandatory
password change is required.

You have until Wednesday, 1 p.m. 25-Aug-2010 EDT (5 pm 25-Aug-2010 UTC)
to change your password.

If you let your password expire, you will no longer be able to log in to
any Jefferson Lab CUE system. This includes all central interactive,
batch, desktop, e-mail, calendar and web systems.

Only JLab passwords that have been changed after 1 p.m. 23-Aug-2010 EDT
(5:00 pm 23-Aug-2010 UTC) are exempt from this directive.

To change your password on-site or off-site, use the web interface at
http://www.jlab.org/jpasswd.

The password policy is explained at:
http://cc.jlab.org/policies/PasswordRules.html.

If you are a calendar user, please see:
http://cc.jlab.org/docs/services/calendar/offline-agenda.html
to re-synch your new password with your local calendar client software.

Please remember, the JLab Computer Center will NEVER direct you to a
site that does not end with jlab.org domain link for changing your
password.

In addition, you should always check the validity of such a message BY
MOUSING OVER ANY INDICATED LINK
to verify that the URL shown at the
bottom of the e-mail and/or browser is the jlab.org domain link.

Please forward any suspicious e-mail to helpdesk@jlab.org with all headers if possible.

Thank you for your understanding in this matter. Please contact the
Computer Center Helpdesk at helpdesk@jlab.org
if you need further assistance.



content by whitney@jlab.org

maintained by webmaster@jlab.org