University of Pennsylvania
Business Enterprise Network
BEN Financials Home
Frequently Asked Questions
Advisories
Closing Schedules
Logging On
Desktop/Printer Standards
Documentation
Training
Security Access
Enhancement Requests
Financial Systems
Document/Forms
Contact Information
Feedback


U@Penn


University of Pennsylvania
Suite 318 Franklin Building
3451 Walnut Street
Philadelphia, PA 19104
215.746.4357 (Phone)
215.898.0817 (Fax)

Penn Home Penn A-Z Directories Calendar Maps
 
Business Enterprise Network

[ BEN Financials ]

Section 3. Passwords
Security & Access

Section 1. University Security
Section 2. Obtaining Logon IDs
Section 3. Passwords
Section 4. Accessing and Exiting BEN Financials

The new requirements will be as follows:

  • Passwords must be a minimum of 8 characters
  • Must include at least one uppercase letter, one lowercase letter, and one number

Overview

The Logon ID identifies the user to BEN Financials. Any use of the BEN Financials applications is the responsibility of the user, identified by logon ID. As part of the logon ID, it is important that BEN Financials users choose passwords carefully and guard against anyone else using them.

A temporary password is assigned when the logon ID is assigned. The user is required to change the password when logging into the application for the first time. Passwords should be changed at regular intervals and at any time they may have been compromised.


Security Passwords - What's the Big Deal?

The password is what prevents other people from misusing University administrative systems in the user's name. If a password is compromised - if it is shared with someone, written down or scripted in any automatic logon - then other people can misuse University systems and it will appear as if the user did it.

Passwords are stored in an encrypted format in password files. The average user would not be able to look at the file and determine an individual's password. However, some individuals have been able to steal files and "crack" or decipher the encrypted codes to illegally learn passwords. One "cracking" method is to obtain the encrypting program, encrypt every word in the dictionary and then compare that list to the list of encrypted passwords. If an individual's password is in the dictionary, the "password cracker" then knows what it is. This is why it is important to choose strong passwords. Strong passwords are those that don't appear in crackers' dictionaries - include special characters (e.g. *,!,+,?), numerals and a mixture of upper and lower case letters.


Protecting Passwords

  • Don't script the password (put it into programs that can be read by others)
  • Don't write the password down
  • Don't give the password to anyone - a boss, a friend, a systems administrator, anyone!
  • Change the password regularly
  • Pay attention to the date last logged in to be sure no one else is logging in
  • Don't send passwords through e-mail


Choosing Passwords

  • Choose a strong password - not one that could easily be guessed
  • Be creative
  • Do not use:
    • Birthdays
    • Family names
    • Words that could easily be identified with the user
    • English words or phrases
    • Proper nouns
  • Do use:
    • Numerals and special characters such as * & ^ +
    • Symbols which look like or sound like letters or words, e.g., instead of 'timetogo' use 'Tyme2Go'
    • A mixture of upper and lower case

Application passwords must be comprised of:

  • Passwords must be a minimum of 8 characters
  • Must include at least one uppercase letter, one lowercase letter, and one number
  • Passwords must not contain repeating characters

Note: The application password is case sensitive

Campus Window

Comptroller Spotlights

FY2014 Closing Instructions
New Category Codes
GL Object Codes FY2014
Concur Expense Type/Object Code Matrix (2015)

BEN Offices

BEN Deposits
BEN Financials
BEN Reports
spacer
spacer
Office of the President Home Page Penn A-Z Directories Calendar Maps
 
 
Copyright © , University of Pennsylvania
3451 Walnut Street, Philadelphia, PA 19104 · 215.898.5000
Copyright Information | Contact Us | Privacy Policy


Penn Home
Visit Penn's website