ACCC Passwords

The ACCC Common password is a single strong password that is used for your ACCC accounts on argo, icarus, mailserv, tigger, and UICalendar, for logging in in the ACCC public labs, for the Blackboard instructional classroom service, for using UIC Wireless and Res-Net, and for logging in to various secure Web services such those offered by the University Library and posting to the UIC Events Calendar system. There's just one way to set and change your ACCC common password — on the Web, at an easy to remember URL:

http://passwords.accc.uic.edu

Of course there are convenient links on the ACCC home pages. There are only two other ACCC passwords, the ResPhone and ADSM/TSM passwords. There are links on the ACCC Password page to the pages where you set these two passwords also.

Many University of Illinois student, faculty, and staff institutional services, including online registration and human resources, use the University of Illinois Enterprise ID and the University of Illinois Enterprise Password.

To change that password, use: Enterprise Password Reset

• About ACCC Common Passwords
• -- Why Your ACCC Common Password Is Strong
• -- When Your ACCC Common (and Current) Password Expires
• -- If you don't already have a UIC netid or an ACCC Password
• How to set or change your ACCC Common password:
• -- passwd on UNIX
• -- Before you forget your password:
• -- When you forget your password:
• ACCC ResPhone Password
• ACCC ADSM/TSM Backup
• University of Illinois Enterprise ID and Password
• Other UIC Passwords
• UI Policy for Strong Passwords

The ACCC Common password is a single strong password that is used for your ACCC accounts on argo, icarus, mailserv, tigger, and UICalendar, for logging in in the ACCC public labs, for the Blackboard instructional classroom service, for using UIC Wireles and Res-Net, for posting to the UIC Events Calendar system, and for logging to secure Web services belonging to the University Library, and of course, the ACCC password changing system.

Having one password for all these services is a good thing. It's a lot easier to remember just one password than a whole bunch of them, so you should be able to make that one password stronger and less easy to guess and should still be able to remember it without having to to write it down for someone else to find and steal. But having a one password for all these services can also be a bad thing, if you're careless with it. If someone does steal your ACCC common password, they will have access to all those accounts and services. You must be more careful with this password because more is at stake if it is compromised.

The ACCC Common password must be a "strong" password -- specially tested so won't be easy to guess. Strong passwords are necessary to protect your password from guessing programs that can quickly test login passwords against dictionaries and variations on dictionary words. There have been many cases on the UIC campus of personal computers being compromised due to weak passwords and guessing programs.

But even a strong password is no defense against sniffing -- someone eavesdropping on a network to catch a password as to passes by. We urge everyone to use as many additional precautions as they can as well, including sending their password in encrypted form as much as possible, by securing the use of your password with your email programs by using SSL or WebMail, by using ssh to login to UNIX servers instead of telnet, or using encrypted connections such as UIC Wireless.

• The password must contain eight(8) characters.
• It must have at least one uppercase letter, one lower case letter, one number or punctuation mark, and no spaces.
• It must also pass a dictionary challenge— it cannot match a word in a dictionary,
• It cannot be based on your netid or name.
• Nor can it be the same as any password that you have used in the past year.
• And finally, it can't be a simple pattern such as Abcd1234 or Qwerty12

Please note: the University of Illinois policy for strong passwords is below.

ACCC Common passwords will expire yearly. We will send warning email ahead of time, and also give timely warning via authenticated web pages, and other services whenever practical.

If you don't respond to the warning, and the password does expire, but you will still be able to login to the password changing utility (using your expired password) and change your Common password. You won't get any other service until you change your expired password.

1. Go to the ACCC home page: http://www.accc.uic.edu (or any ACCC core Web page),
2. Click the purple Accounts button,
3. Then go through the three steps to get your UIC netid, ACCC common password, and, if you need one, open an email account (we recommend mailserv).

If you already have a netid, you can start at:

On the ACCC Accounts page: Create an ACCC Account.
Or to change your password: Choose a New Common Password

If you already have an ACCC password, you can set your first Common password or change your current Common password whenever you wish. Anytime that you have any reason to think that your current password might be compromised, it is an excellent idea to change it, just to make sure.

To go along with the theme of having just one password and it being easier to remember, there's just one way to set and change your ACCC common password -- on the Web, at a new and easy to remember URL: http://passwords.accc.uic.edu

Of course there are convenient links on the ACCC home pages: Go to the ACCC home page: http://www.accc.uic.edu (or any ACCC core Web page), click the purple Accounts button, then select Password Changing Utility.

1. Login with Bluestem, using your UIC netid and an ACCC password. (An expired password will work here.)
2. On the ACCC Password Changes page, type your new password twice, once in each box. The text at the bottom of the window explains the requirements.
3. Click Change Password.
4. If the password changing utility doesn't like what you've selected, it will return an error message and put you back in the password changing screen to allow you to choose another new password. Don't be discouraged if the first few things you try don't work out. This is a strong password; it's reasonably picky.
5. After you successfully choose your new ACCC common password, you will be given a chance to create a new ACCC account (in case that's what you needed an ACCC common account for), change your email routing (in case you're in the process of switching your email to mailserv).

Forgot your password? We have Password Recovery Options, which we talk more about in Before you forget your password below.

Old-hand UNIX users are used to changing their UNIX account passwords by logging on to their UNIX account and using the passwd command. Because the ACCC UNIX servers, argo, icarus, mailserv, tigger, all use the ACCC common password, we have disabled the passwd command on them. If you enter passwd on these machines you will receive a message sending you to the Web password changing utility.

Before you forget your password, click the Password Recovery Options link on the Choose a New Common Password Success page or go to the ACCC Accounts, Machines, Passwords Page (click on the purple Accounts button at the top of this or any ACCC official Web page) and select Passwords -- Click Here before you forget your password and login with Bluestem using your netid and ACCC password.

There are now two different ways for you to change your ACCC common password yourself if you forget it.

(1) Register a Challenge/ Response for your netid. This one everyone can use. After you select a Challenge/Response pair, we'll allow you to change your ACCC common password if you can provide the right Response for your recorded Challenge. The Challenge is a question that presumably only you know the answer to, and the Response is the answer. The Set Up Web page has the details of case, punctuation, spacing, and length.

(2) Select an Emergency Email Address. You can you use this if you have a secure email address that doesn't depend on your ACCC password. It works this way: when you forget your password you tell us. We will send a special secret and a URL to your emergency address. You go to that URL and cut the secret from the note (without any blanks at the beginning or the end) and paste it into the our Web page, and then you will be allowed to change your ACCC common password. The Set Up Web page has more information on this option. Obviously, you don't want to use an email address that other people know about or that has an easily guessed password.

Click Here before you forget your password

Note that your security in using these services is completely in your hands. Anyone on the Internet can find out your Challenge phrase, and they can make as many guesses at your Response as they have the patience to enter. Thus Challenges like "What is my spouse's name?" or "What is my favorite color?" won't do. (The first is too easy to find; the second is too easy to guess.) And your emergency email address is only as secure as you keep its existence and password. If you advertise its existence, you're asking for someone to try it out and see if it works.

So, you don't remember your password. Maybe you haven't logged on in a while or you changed your password and you don't remember what you changed it to. You have two choices.

0. If you set a Challenge/Response or Emergency Email Address on the Click Here before you forget your password Web page (which will allow you to change your password(s) without knowing your current password), then you're in luck; you'll use the Password Changing Utility page:
   1. Go to the ACCC Accounts, Machines, Passwords Page (click on the purple Accounts button at the top of this or any ACCC official Web page).
   2. Select Passwords - Help I've Forgotten My Password
   3. Type your netid in the Netid: box by the rescue option that you want to use and click the button beside it.
      
1. Use the emergency password change methods that you previously set up:
   
   • If you're using the Challenge/Response method,
     • You Challenge Phrase will be displayed.
     • Type your Response, and click the Submit Response button.
     • If the Response matches, you will be taken to a screen that resembles the ACCC password changing screen; type your new password in both boxes and click Change Password.
   • If you're using the Emergency Email method,
     • We'll send you an email message to your emergency email account right away.
     • After you receive our message, go to the URL in the message, and cut the secret (don't get any extra blanks at the beginning or the end) from the email message and paste it into the box in the Web page, and click Submit Secret.
     • You'll be transferred to the standard ACCC password changing Web page and will be able to change your password as usual.
       
       
2. Otherwise, you must go in person to the Client Services Office (Room 2267 SEL), the BGRC Consultant's office (Room 181 BGRC), or ACCC Network Operations (Room LL55 BGRC). Their open hours vary, but the CSO is generally open during normal business hours, and the schedule for the BGRC consultants is posted on their door. Network Operations is staffed 24 hours, 7 days a week. Be sure to take a picture ID.

The ACCC ResPhone password is a 10-digit number that students who live in the UIC residence halls use when they dial off-campus using the telephone in their residence-hall room. Unlike other ACCC passwords,

• The first 5 digits of the ResPhone password are set by the ACCC and never change; they indicate your account. The final 5 digits you select yourself; they are your password. You have to enter your entire 10-digit password when you dial off-campus; make sure you take note of all 10 digits.
  
  
• ResPhone accounts have a monthly and a per-call monetary charge associated with them.

You can change your ResPhone password on the ResPhone password page:

http://resphone.accc.uic.edu

There is a link to the ResPhone password changing page on the UIC Password page also.

If you've forgotten the first 5 digits of your ResPhone password, login to http://passwords.accc.uic.edu with your netid and ACCC common password and click the ResPhone link. That page will show you your first 5 digits; you can quit out of the ResPhone password change page without actually changing your password.

Your ResPhone password is independent of your ACCC Common Password, but you should set up the password backup functions described in Before you forget your password just in case you forget your ResPhone password.

For instructions on how to use your ResPhone password, see the Residence Halls Telephone Guide; click the violet Telecom button on the ACCC home page http://www.accc.uic.edu/ or at the top of this page and then click the Phone Rates & Services - Students in Resident Halls link.

The ACCC common password is not used for ADSM/TSM backup accounts for on-campus personal computer or workstations, but there is a link on the ACCC Choose a New Common Password Web page to the page that you use to change your ADSM password.

Change Your ADSM/TSM Backup Password

There is a link to the ADSM/TSM password changing page on the UIC Password page also.

The University of Illinois' new Enterprise Resource initiative UI-Integrate is implementing a new set of integrative tools that will be used by all members of the University of Illinois community, students, faculty, and staff. These tools range from online student course registration to human recourses and benefits.

The Enterprise Resource tools have their own login and password, your University of Illinois Enterprise ID and password. You will be assigned an Enterprise ID, EID, (you must "claim" it) and must reset your Enterprise password at that time. You will be given a chance to claim your EID as part the process of activating your UIC netid and choosing your ACCC common password, or you can do it directly at the Enterprise Password Reset page.

Important: You will need to use your UIC netid and ACCC password to claim your EID. When asked to enter your UIC netid as part of the login process, type it with @uic.edu at the end. So if your UIC netid was jtesti99, you'd enter it as jtesti99@uic.edu.

Enterprise Password Reset

Resetting your enterprise password does not reset your ACCC common password, and your ACCC common password and UofI Enterprise password are not coordinated with each other.

For more information:

• Students: UI-Integrate Self-Service Special Instructions/Information
  
  
• Faculty and staff: UI-Integrate Training resources

The following passwords are not the ACCC Common password. For security sake, we ask that you don't use the same password for any of these services as you do for your ACCC Common password.

University of Illinois Medical Center ITS Password

The UIC hospital has its own computer center and its own password system. Its netids are the same as the ACCC's netids; its passwords are not related to the ACCC common password. But the ITS and ACCC passwords do have one thing in common; either can be used with your netid to log into Nessie or any other Bluestem login.
ITS Home; ITS Password Page

Student Access System and Telephone Registration

UIC Registration and Records' Web-based Student Access System uses the same password as the Registrations and Records' telephone registrations system, UIC Express; see the pages on it for information on how to change its password.
UIC Registration and Records home page

Various UIC Departments and Units

Various departments and units at UIC run their own networks, email service, and other departmental services which require login IDs and passwords. Some departments use UIC netids for the departmental login IDs, to prevent confusion on campus, but even if the netids match, departmental passwords are not related to ACCC Common passwords.

As stated in the University Information Security Policy, users of critical systems will have a strong password whose definition will be established by the University Technical Management Team (UTMT).

At a minimum, a strong password must conform to all of the following:

• The password must contain at least one of each kind of alphanumeric character (at least 1 UPPER case, 1 lower case, and 1 numeric digit).
• The password cannot contain any common string alpha characters (e.g., a word in a dictionary or a person or place name.
• The password must be at least EIGHT (8) characters long.
• The password cannot be changed to the previous password.
• The password must be changed annually.
• The minimum life of a password is 1 day.

Specific systems may allow for a more stringent implementation of a strong password. It is up to the judgment of the system owner to determine if a more stringent implementation is appropriate. ACCC meets and exceeds this definition of password strength, as allowed by policy. The ACCC definitions are the ones we enforce on the password changing pages, not the ones listed in this section.