University NetID Services: NetID FAQs





	About NetIDs NetID FAQs Your @georgetown.edu How to get a NetID Info for new employees Don't know your NetID password? More than one NetID? Departing employees Info for Alumni Password security NetID Tools Change your NetID password Review or change your e-mail routing Administrative NetIDs / Aliases / Listprocs Directory Information About the Directory View your online directory entry View your contact information in Directory Access+ NetID-enabled Applications Access+ Services Blackboard Data Warehouse GUCalendar GUExpress GUMail GUShare hoyasonline Peoplesoft Admissions Web Services	HOME » NETID SERVICES University NetID Services: NetID FAQs What is a University NetID? A University NetID is an automatically assigned, unique electronic identifier for each authorized user at Georgetown. Having a NetID does not automatically give access to all computer systems or services--access can be defined and provisioned by the service provider or system administrator. In many cases, it is still necessary to apply for access to a given system or service once the NetID has been created. Who is eligible for NetID services? NetIDs are automatically assigned to all individuals who are active in the University's core business systems for human resources, students, and alumni. Volunteers, contractors and other people not paid through Payroll can also have a NetIDs. Different services will be available to each person, depending on their affiliation with the University. How are University NetIDs created? New NetIDs are generated the evening after a person is added to a core business system, and are published the following morning. NetIDs are created using the person's initials as entered in the core business system, along with a number to distinguish the NetID. Individuals who were part of the Georgetown community in 1998 when the system was created, retain their previous e-mail user names as their NetID. Why does Georgetown have a NetID system? Centralized identity manangement ensures that identical IDs are not assigned to different users. Automatic creation shortens the time required to create user accounts. Since faculty, staff, and students need to log into numerous systems, uniform NetIDs mean that there is only one user name to remember. What are NetID-enabled applications? University NetID-enabled applications are ones that share a common authentication procedure, meaning that each service confirms a NetID+ password combination against one central store. While most account names mirror a person's NetID, the NetID password will only work for NetID-enabled applications. Why is my NetID in the form of initials and numbers? Georgetown's NetIDs are used not only for e-mail, but as user names to log in to a variety of computer applications. The fundamental points of a NetIDs are that the NetID is unique, automatically generated, and easier to remember than a random user name. Can I change my NetID? NetIDs are only changed in the small number of cases where a typographical error in the spelling of a person's name has occured or the NetID spells an offensive word. Changing a NetID requires a great deal of coordination, effort, and care to ensure that a person's access is not unduly interrupted and that the change is properly reflected through all systems which use NetIDs. At this time, it is not possible to select your own NetID or to use a personal alias as an alternative email address. What are the requirements for NetID Passwords? NetID Passwords must have the following characteristics: Be at least eight characters in length Contain at least one uppercase or lowercase alphabetic character Contain at least one number Contain at least one punctuation or symbol character (! @ # $ % ^ & * ( ) _ + \| ~ - = \ ` { } [ ] : " ; ' < > ? , . / , etc.) Not be derived from a dictionary word or simple pattern such as abcdefgh Why are Strong NetID Passwords Required? Passwords are used to control access to Georgetown University systems, networks, applications, accounts, and data. A compromised password not only puts your email and files at risk, but may also expose sensitive University data and systems. With your NetID password, someone could not only send email that appeared to come from you, but they could view your salary information, bank account numbers for those using direct deposit, could post grades in Faculty Access+. One of the most common methods that attackers use to guess passwords is known as a brute force attack. In a brute force attack, the attacker systematically tries possible passwords, often with the assistance of a dictionary file or wordlist, until he manages to break into an account. By choosing passwords that are hard for an attacker to guess, you will significantly improve the security of your computer and data. For tips on selecting good passwords and keeping them secure, please the UIS Security Office's Password Guideline page. What are "Levels of Assurance"? Levels of Assurance relate to the confidence the University has in the credentials--in the form of a NetID and password--that a person is presenting to access electronic resources. The concept also applies to password resets in that a reset performed based on the presentation of a physical ID in person confers a higher level of assurance that the person is who they say they are than a fax of a government-issued photo ID. A faxed ID in turn confers a higher level of assurance than responding to an online hint question. Using an online hint question lowers a person's level of assurance and bars them from accessing certain sensitive applications such as Student Access+ to view grades or print an unofficial transcript. If your level of assurance has been lowered as a result of using a hint question, you can fax the Level of Assurance form to the Help Desk at 202-687-1162. What is meant by "level of assurance"? A level of assurance is the confidence that the credentials presented to access electronic resources are being offered by the proper owner of the credential. A credential in this case is the combination of NetID and password. How is a password reset related to a level of assurance? Georgetown resets passwords based on in person presentation, receipt of a scanned or faxed ID and hint questions for Alumni. A reset performed in person confers a higher confidence level that the password is being given to the appropriate person than a faxed image. A faxed ID in turn confers a higher level of assurance than responding to an on-line hint question. Why does answering a hint question bar me from logging into certain applications? The current hint question regime is not robust enough to grant access to systems with sensitive information. A long-term project is underway to redo the identity management system and strengthen the hint question system. Why do services require different levels of assurance? The level of assurance is set for each application based on the sensitivity of the data within the system. The Alumni Association has determined that they will allow people to log in the Alumni Directory with a low level of assurance. Student Access+ grants access to a person's academic record, where SSNs may be viewable, so the Registrar's Office mandates a higher level of assurance for that system. Because of planned integration into the Admissions database, a high level of assurance is required for accessing the AAP web site. I'm an Alumni and I'm not sure if I know my password. To test the password you are using, you can try logging into the Alumni Directory. If you are able to log in there but not other applications, your level of assurance is probably at the low level. If you are unable to log in there, you are likely using the incorrect password. I know my password, but I cannot log in to the AAP site, Student Access+, or Lauinger's Library Link databases. What should I do to gain access? Your level of assurance is probably low as a result of using a hint question at some point in the past. To have it raised and access all of these services, you can fax the Level of Assurance form to the Help Desk at 202-687-1162. Why must I send multiple faxes for LOA changes? The level of assurance associated with your NetID changes each time you reset your password using a hint question. This means that your identity must be re-confirmed after each password reset. If a person resets their password in October, has their level assurance raised by sending in a Level of Assurance form and then their hint question used to reset the password again in November, the October fax is no indication that the second reset was not done by a malicious third party. This is why we require another fax ? to verify your identity before granting access to sensitive information. Taking steps to remember your NetID password is the best way to avoid the need to reset and re-fax. My bank doesn't require these steps, why does Georgetown? There are several differences between the banking setting and Georgetown. In the banking case, the username (either SSN or bank account number) is a secret along with the password. In our environment the username is a public attribute that appears in email addresses, so only a single secret protects the data. According to our Security Office banks buy insurance to protect against the instances when a password is stolen. Georgetown doesn't currently carry that insurance. Why must my NetID password be so complicated? Georgetown has a single complexity standard regardless of a person's affiliation with the University. Using their NetID and password, faculty members post grades, students register for courses and submit academic work, and employees check their payroll and benefits information. The activities Alumni engage in are arguably less sensitive, but no mechanism exists to vary the requirements.