Westlaw just announced an upcoming change to its password policy: beginning May 31, Westlaw users will see a prompt to create a OnePass account (username and password) in order to access the research sites, rather than use the 11-digit “Westlaw Password” from your original registration card. A separate username and password has always been an option for accessing Westlaw, but it’s soon to be a requirement: by mid-July, all Westlaw users at Duke will need to create a OnePass account, or update an existing one, in order to conform to password security standards.
The only real surprise about this announcement, though, is how long it took to arrive. A separate username and password has been required by LexisNexis for several years, following a high-profile security breach in 2005 (http://www.nytimes.com/2005/04/13/technology/13theft.html). Many other websites, such as online newspapers, also require usernames and passwords.
Unfortunately, this desire for added security can often have the opposite effect: users who are afraid of forgetting multiple passwords frequently use the same password for all sites, or use extremely simple passwords which are easy for hackers to crack. In 2007, PC Magazine compiled a list (http://www.pcmag.com/article2/0,1759,2113976,00.asp) of the 10 most commonly-used online passwords:
While you ponder the creation of your new Westlaw password this summer, review the OIT guidelines and ensure that your many other passwords are safe and secure. For related information on computer security, check out the Law School's Academic Technologies page (http://www.law.duke.edu/computing/security/index).
The only real surprise about this announcement, though, is how long it took to arrive. A separate username and password has been required by LexisNexis for several years, following a high-profile security breach in 2005 (http://www.nytimes.com/2005/04/13/technology/13theft.html). Many other websites, such as online newspapers, also require usernames and passwords.
Unfortunately, this desire for added security can often have the opposite effect: users who are afraid of forgetting multiple passwords frequently use the same password for all sites, or use extremely simple passwords which are easy for hackers to crack. In 2007, PC Magazine compiled a list (http://www.pcmag.com/article2/0,1759,2113976,00.asp) of the 10 most commonly-used online passwords:
- password
- 123456
- qwerty
- abc123
- letmein
- monkey
- myspace1
- password1
- blink182
- (your first name)
While you ponder the creation of your new Westlaw password this summer, review the OIT guidelines and ensure that your many other passwords are safe and secure. For related information on computer security, check out the Law School's Academic Technologies page (http://www.law.duke.edu/computing/security/index).