A number of users email passwords have been changed as a result of hackers guessing the “default” password for several of our users. These hackers sent millions of spam email messages using the email address and password of these compromised faculty and staff accounts. This lead to our email servers being blacklisted so no one would accept emails from our servers. Due to the large number of compromised accounts, and the huge security issues this poses for us, we had to make the immediate decision to reset the passwords of all email accounts that were still set to the original default password. We did not change the password of email accounts of users who have at some point changed their password to something other than the default.
If you are unable to login to your email account, your password will need to be reset. ITS cannot do this by telephone since we are unable to identify you. You will need to contact your Dean or Supervisor and they will contact the appropriate ITS staff member to reset it for you.
Once you login to your account we HIGHLY recommend that you change your password to something that is not easy to guess but you will remember. (on a PC, you can simply press CNTRL+ALT+DEL and select the “change password” button)
Below are some FAQs to help address some of the commonly asked questions and concerns.
Still not working?
If you try to login to your email account too many times with the wrong password, your account will be temporarily disabled. In this case, you will need to contact your Dean or Supervisor so they can have it reset for you.
What if I’m using a generic email address for my division, department, service, etc…?
If you are logging into an email account that is not associated with a person, such as a department email address, then you will need to contact your Dean or Supervisor to submit a request for the new password:
How do I change my password?
Please choose a password that is not easy to guess.
Windows users (3 easy options)
1) Press CTRL+ALT+DEL on your PC while logged in. Select the “Change Password” option
2) Visiting the Portal Page at http://www.smccd.edu/portal and click on the “change password” link under “Information Technology Services”
3) Logging into Outlook Web Access (Web based email) http://mail.smccd.edu , select “options” and then select “Change Password”
Macintosh users (2 easy options)
1) Visiting the Portal Page at http://www.smccd.edu/portal and click on the “change password” link under “Information Technology Services”
2) Logging into Outlook Web Access (Web based email), select “options” and then select “Change Password”
If you have any questions about changing your email password please contact the ITS Helpdesk by placing an IT Service Request at http:/www.smccd.edu/accounts/portal/
What about when I login to my computer, web folder, sharepoint, faculty door card, IT Services Request Form and other systems (such as Smart Phones) that use my email username and password?
When you change your email password, you will need to login to the computer, web folder, sharepoint, etc… using your new password. On your Smart Phone it is very important that you go into the settings area and change to your new password. If you use the wrong password more than 5 times (or your Smart Phone attempts to download email for you several times with the old password), you will be locked out of your account and will need to call your Dean or Supervisor to assist.
What about my home computer, laptops, mobile devices such as cell phones that I use to check my email?
Ensure any devices you have that connect to our email servers are using the new password. If your smart phone is set up to automatically push your email you may unintentionally lock yourself out of your account if it continues to use the old password.
What would happen if my account gets hacked?
If a hacker can get into your email account they will use it to send thousands of spam emails to servers all over the world. That will lead to our email servers being blacklisted and everyone with a district email address will be blocked from sending email to the outside world (no sending email to gmail, yahoo, hotmail, Comcast, etc…) Also that hacker will now have access to everything that uses your email address as a login, regardless of the password, because they can have the password emailed to them. Everything you have access to from off our network is at risk of being hacked including your sharepoint sites, WebAccess courses and web folders. Everything you may use your district email account for such as banking, social networking, shopping, etc… are also compromised.
How will I know if my account has been hacked?
If someone is using your account for malicious activities you will probably notice hundreds of bounce-back messages for emails you never sent. Always make sure your password is at least 8 characters long (ideally upper and lower case, plus numerals included in the password)