Reminder: CCIT Password Notice [28-APR-2017]

Chief Information Security Officer Phil Romig sent the following message on Friday, April 28th.

Important Reminder: Last Monday you should have received an email informing you that Computing, Communications and Information Technology (CCIT) has become aware of a possible cyber-security incident that has placed your school password at risk. At this time we have found no evidence that passwords are being actively compromised.

We have extended the deadline for changing your password to Tuesday May 2nd.  It is critical for your own security that you change your password before that date.

To change your password you need to visit the school’s Identity Self-Service page. The URL for this page is https: // identity . mines . edu. Alternatively, you can change your password using the CRL-ALT-DEL feature of Mines lab computers.

You should treat any email asking you to change your password or to login to a website with extreme caution. How do you know an email is a legitimate request? Here are a few basic measures that you can take to help you ensure the validity of email:

– Never click on a link in any email. Type the address into your web-browser by hand. You will notice that CCIT places spaces in web addresses so you can’t click on them.
– Use https: rather than http:. When visiting a webpage using https: you have some additional assurance that the organization named in the address is the owner and manager of the page.
– Visit the page https: // ccit. mines. edu/ verify. Anytime you receive an email from CCIT you should check CCIT’s email verification page. This page is controlled by CCIT and will list copies of mass emails sent to campus, allowing you to compare what you received with what we have posted.
– If you still have doubts you can call our Technology Support Center (ex. 2345). The consultant on duty can confirm the legitimacy of an email.

Phillip R. Romig, Ph.D.
Colorado School of Mines
Director CCNI and CISO