Skip to main content

A PSA on Password Security

Westlaw just announced an upcoming change to its password policy: beginning May 31, Westlaw users will see a prompt to create a OnePass account (username and password) in order to access the research sites, rather than use the 11-digit “Westlaw Password” from your original registration card. A separate username and password has always been an option for accessing Westlaw, but it’s soon to be a requirement: by mid-July, all Westlaw users at Duke will need to create a OnePass account, or update an existing one, in order to conform to password security standards.

The only real surprise about this announcement, though, is how long it took to arrive. A separate username and password has been required by LexisNexis for several years, following a high-profile security breach in 2005 (http://www.nytimes.com/2005/04/13/technology/13theft.html). Many other websites, such as online newspapers, also require usernames and passwords.

Unfortunately, this desire for added security can often have the opposite effect: users who are afraid of forgetting multiple passwords frequently use the same password for all sites, or use extremely simple passwords which are easy for hackers to crack. In 2007, PC Magazine compiled a list (http://www.pcmag.com/article2/0,1759,2113976,00.asp) of the 10 most commonly-used online passwords:
  1. password
  2. 123456
  3. qwerty
  4. abc123
  5. letmein
  6. monkey
  7. myspace1
  8. password1
  9. blink182
  10. (your first name)
Did you see any of your passwords on this list? Now might be a good time to review the Duke Office of Information Technology’s Password Security FAQ (http://www.security.duke.edu/password.html). OIT has compiled helpful advice for choosing a good password and avoiding weak ones. An interesting chart demonstrates the relationship between length of password and security: a five-character password would take a password-cracking program approximately 2 hours to guess, but the addition of just one more character could stump such a program for up to 7.9 days.

While you ponder the creation of your new Westlaw password this summer, review the OIT guidelines and ensure that your many other passwords are safe and secure. For related information on computer security, check out the Law School's Academic Technologies page (http://www.law.duke.edu/computing/security/index).

Popular posts from this blog

Black's Law Dictionary 12th Edition Now Online

A new 12th edition of Black's Law Dictionary was published in June. Once the library's hard copies arrive and are processed, you will find a print copy at the Reserve Desk and on the dictionary stand in the library Reading Room. Online, the Black's Law Dictionary database on Westlaw has already incorporated the 12th edition changes. (To access it on Westlaw Precision, type BLACKS into the main search bar and select the source from the drop-down suggestions, or retrieve it from the Secondary Sources content menu.) What's new in the 2024 edition? As with the 2019 update, the publisher promises a revision to every single page . More than 2,500 new terms (such as ghost gun and shadow docket ) have been added, bringing the total number of definitions higher than 70,000. Last month, longtime editor Bryan A. Garner joined David Lat's Original Jurisdiction podcast to discuss the new edition and his editorial process for revising the much-cited source. Of course, w

Free Access to US Case Law

Last month marked a milestone for the Caselaw Access Project (CAP) , an ambitious project from the Harvard Law Library Innovation Lab to digitize centuries of U.S. federal and state case law for free public access. Launched in 2016 with the financial backing of online legal research company Ravel Law (now owned by LexisNexis ), the Caselaw Access Project involved the digitization of more than 36 million pages of printed case reporters. The original agreement contained a commercial use restriction for eight years, which has now expired. The Innovation Lab commemorated the occasion with a conference on March 8 , highlighting the history of the project and use cases for the future. For more information on the history of the project, see Adam Ziegler's guest post at Bob Ambrogi's Law Sites . The Search feature on the legacy version of the CAP website links to CourtListener's Advanced Case Law Search , which has incorporated the CAP content. The beta version of the  CAP websit

Winter Break Reading Recommendations

The end of the semester is almost here! Amid the flurry of final exams and the holiday rush, it might be hard to find time for your perfect winter break book. But a good read can help pass the time on long flights or airport delays, as well as give you a great way to wind down for the night at the end of busy holiday festivities. To help you find something appealing to read before you go, here are seven recommended titles that the Goodson Law Library staff have enjoyed recently. Number Go Up: Inside Crypto's Wild Rise and Staggering Fall , by Zeke Faux ( Request a print copy   or put a hold on the e-book !) "In this up-close-and-personal account, Faux reveals the highly entertaining and, frankly, horrifying (for human beings and the environment) worlds behind the current crypto scandals. An investigative reporter for Bloomberg, Faux also manages to make abstruse cryptocurrency concepts digestible here. For my fellow legal news junkies looking for a deep dive beyond the FTX/