Journal Entry #1

 Reflection 1 (January 4, 2023 – February 6 , 2023)

The first few weeks in January at the Help Desk can be quite busy and demanding. We are on calls 90% of the time solving tons of different problems. Some of these problems can include Duo mobile issues, password resets, course issues, email service issues, and account creations. These are just some of the issues that we can see in the first weeks of school. One thing we do at the Help Desk for security issues requires an ID to do an admin password reset. This is such an important step I believe because you don’t wanna be resetting passwords for non-account owners. Something that I have noticed with this is that individuals dislike this system and would rather not have to send in their IDs or phone numbers. I think this can be because of efficiency because they rather reset it on that phone call as soon as possible. Many of them claim that they are willing to verify their phone numbers, names, dates of birth, and social security numbers. I think this is mind-blowing that people are willing to give out their social security number but not send an ID that gets deleted off the server once we have verified identities. In these cases, we can only explain to the individual that it’s a security issue. I usually try to relate this to giving their account to random individuals. I also remind them that there is a lot of personal information on their accounts including social security numbers, credit card information, and much more. I think it’s important to make these connections for the callers and users because they are willing to work with you afterward. Another topic and process that callers have a lot of trouble with are changing their passwords. A Lot of individuals will have trouble coming up with passwords that follow the guidelines set by MIDAS.  

The passwords minimum Digits: 1

 Minimum Uppercase Letters: 1

 Minimum Lowercase Letters: 1

 Length Range: 8-24

 Maximum Consecutive Same Character: 2

 Minimum Allowed Special Characters (! % + – : _): 1

 No Personal Information: 0th follow the following rules 

No Dictionary Words on Level: 1

Additional Rules verified on submitting the new password

Number of previous passwords that cannot be reused:  7

One password change per: 24-hour period

Character Difference To Last Password:  1

I do understand that Midas has a lot of rules set in place when making a password. But from a cybersecurity standpoint, it sets the best precedent for safety and security. This is where I begin thinking from a cyber security mindset. Although the password is inconvenient for many people because they are required to be 8 characters and must contain symbols and letters. These requirements make MIDAS password strong against simple password-cracking tools. This set of rules makes for roughly 9.308338151941866e+57 possible passwords. Although these extra security measures like Duo Mobile and password rules can be inconvenient for many. From a cyber standpoint it’s important because like I said at the beginning of this journal, MIDAS holds a lot of personnel information and is essentially the key to the castle.