Security: Account Locking and Password Aging


 

The Helix Systems staff has instituted security measures, including account locking and password aging, that affect all Helix user accounts. Here's what we have implemented and what you, too, can do to help maintain the security of your account and data.

It is well known that unused accounts pose a security risk. One of the best ways to detect an intrusion is for you to recognize unusual activity in your own account (for example, a file you didn't create or previous login information you don't recognize). If you don't actively log in to your account for several months, there is a window for illegal activity in your account to go unnoticed. To prevent this, any user account that has not had any activity other than remote e-mail for long periods of time will be temporarily locked until the account owner telephones the CIT TASC (301-594-6248).

All accounts with no active use during the past 6 months are "locked" from login access. To re-establish the ability to log in, you will need to contact the CIT TASC (301-594-6248).

Users who do not regularly change their passwords pose an increased security risk both to themselves and to the system as a whole. Passwords are vulnerable to many methods of unauthorized access. For example, if you have ever logged into your Helix account from a remote site without a secure (encrypted) connection or if you do not have definitive knowledge of the security precautions taken at that site, then it is possible that your password may have been detected, and you should change it. If you have ever shared your account or have an account on another system that has the same password, then again your password is not safe and should be changed.

To make certain that all passwords are "fresh", the Helix staff has instituted "password aging". This requires all users to choose a new password every six months before logging in. Beginning two weeks before the password is set to expire, you will be notified when you log in. If you fail to change your password before it expires, you will be forced to select a new password before being allowed to log into Helix.

It is important to know ahead of time what constitutes a good password, and take the time to choose one carefully.

On Helix, your password must (i) be at least six characters; (ii) include two letters (a-z) and two special characters (punctuation, digits); (iii) embed at least one of these special characters within the password rather than including it as the first or last character; and (iv) differ from your old password by at least three characters.

The following types of passwords are not considered robust enough for current security standards: (i) simply adding a digit or special character at the end of a string of alphabetics (e.g., abcdef1 or susan1); and (ii) substituting 1 for i, 0 for o, $ for s in common words (e.g., d1abetes).
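The four rules and the two weak patterns above can be expressed as a checker. This is an added example, not code used by Helix; the difference metric for rule (iv), the case-insensitive letter count, and the weak-pattern heuristic are assumptions.

```python
import string

SPECIALS = set(string.digits + string.punctuation)
# Substitutions the guide names as weak: 1 for i, 0 for o, $ for s.
UNLEET = str.maketrans({"1": "i", "0": "o", "$": "s"})


def positional_difference(new, old):
    """Count differing positions plus any length difference (assumed metric)."""
    differing = sum(1 for a, b in zip(new, old) if a != b)
    return differing + abs(len(new) - len(old))


def check_password(new, old):
    """Return a list of rule violations; an empty list means the candidate passes."""
    problems = []
    # Assumption: "letters (a-z)" is counted case-insensitively.
    letters = [c for c in new if c.isascii() and c.isalpha()]
    special_positions = [i for i, c in enumerate(new) if c in SPECIALS]

    if len(new) < 6:
        problems.append("(i) shorter than six characters")
    if len(letters) < 2 or len(special_positions) < 2:
        problems.append("(ii) needs two letters and two special characters")
    if not any(0 < i < len(new) - 1 for i in special_positions):
        problems.append("(iii) no special character embedded inside the password")
    if positional_difference(new, old) < 3:
        problems.append("(iv) differs from the old password by fewer than three characters")
    # Heuristic (assumption): if undoing the named substitutions and dropping a
    # trailing run of specials leaves only letters, treat it as a disguised word.
    core = new.translate(UNLEET).rstrip(string.digits + string.punctuation)
    if core.isalpha() and core != new:
        problems.append("weak pattern: word with substitutions or an appended character")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; the old password is a made-up value.
    for candidate in ("Ilw.IlF.", "susan1", "d1abete$"):
        print(candidate, check_password(candidate, "oldpass-99x") or "passes")
```

A candidate such as d1abete$ satisfies rules (i) through (iv) and is rejected only by the weak-pattern heuristic, which is why the guide lists those patterns separately.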

Easy-to-remember passwords include a short phrase that is meaningful to you with embedded punctuation (e.g., "home-again"); or the first letters and punctuation of a common phrase (e.g., "Ilw.IlF." [I love work. I love Fridays.]).

While we understand that these security measures may cause some inconvenience, they are necessary to protect your data and files.

Helix Systems, CIT, NIH
last update: October 14, 2003