Sharing Eduroam Credentials/Sharing Your Password – Please Don’t!!

We have been alerted by JANET CSIRT (who are the security people at what is effectively our ISP) that a number of incidents have occurred over the last few weeks indicating that people at academic institutions have been sharing or encouraging the sharing of Eduroam credentials (i.e. wireless).

However convenient it may be to share your account password to temporarily allow someone onto the wireless network, it is not permitted and a very poor idea. Your username and password authenticates you to the Eduroam networks, but is also used to restrict access to your email, your files, and all the information you have access to via the University network. Sharing your personal account password with anyone is not permitted by the University password policy and could expose you to disciplinary action.

In addition, if you share your password you effectively become responsible for the activities of those you share the password with … and indeed with anyone they in turn share it with. This can have significant and drastic consequences; including ongoing consequences that persist long after the password has been changed (as a number of people at the University have found to their cost when their account password was compromised). Indeed, if illegal activities are carried out with your account credentials, the police will come knocking at your door.

Even if you manage to convince the police that you were not responsible, it does not stop the disruption of having a police raid on your home at 05:00 in the morning!

JANET’s notice regarding this can be read at: https://community.ja.net/blogs/eduroam/document/advice-regarding-keeping-eduroam-credentials-secure

Please, please, please do not share passwords.

This entry was posted in Uncategorized. Bookmark the permalink.