How does IU protect compromised accounts?

Upon receiving an incident report, the University Information Policy Office (UIPO) Incident Response team will follow the procedures outlined in ISPP-26: Information and Information System Incident Reporting, Management, and Breach Notification. As a general practice, the UIPO will attempt to immediately sever access by any unauthorized users to the compromised Indiana University network accounts or resources.

Passphrase scrambling

  • The UIPO may scramble the IU passphrases associated with the affected accounts. Scrambling a passphrase changes it blindly so that it is unknown even to the person who executed the scramble.

    If your passphrase was scrambled, you may be able to reset it; see Reset your IU passphrase.

    Important:
    • Although the UIPO may scramble passphrases, the UIPO does not reset them. You must initiate a passphrase reset through the UITS Support Center.
    • No one at IU will ever ask you for your IU passphrase.
    • The UIPO will not log into your email account to redirect email.

Blocking network access

  • The UIPO may disable or block network access as needed for security reasons or policy violations, such as failure to prevent or clean up after a virus infection or a network compromise, or failure to remove copyrighted materials after a Digital Millennium Copyright Act (DMCA) violation.

    To get your network access re-enabled, see If my network access has been disabled by UIPO or UISO, how can I get it re-enabled?

    Note:
    If your account passphrase has been scrambled, you will not be able to log in to complete a self-service unblock.
  • The UIPO will attempt to alert you and associated IT Pros to the security issue.

More information

For more about account security, see Protect IU's Online Safety & Security. Always follow best practices for computer security.

This is document adum in the Knowledge Base.
Last modified on 2017-12-14 13:47:05.

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.