4 minute read
Administration
Has Your Password Been Stolen?
By: Darren Cantrill
How many of you use the same password for many sites? Did you know this is a common occurrence and many of your passwords are being sold on the dark web?
It was recently revealed that more than 44 million Microsoft account holders have been found using recycled passwords. This kind of login credential duplication is a gift for hackers who can then use one known, stolen, password against multiple different accounts with a good chance of gaining access to some of them.
Forbes’ article reveals the world’s 100 worst passwords. Are you using a bad password? Find out here.
There are ways to stay on top of your passwords, if you use Google’s Chrome browser, copy/paste this link into your Chrome browser window (chrome://settings/passwords) to bring up Chrome’s internal password manager.
It will look like this (click on the “Check passwords” text): A new window will open, and Chrome will go through the process of “Checking passwords” again.
I check my passwords frequently, and luckily my passwords only appeared 15 days ago for all 22 compromised passwords. Here is my Fitbit account information:
If you check too many times, you’ll get this error below. Select the link “check passwords in your Google Account”:
Where a new tab will open with:
PASSWORD from page 8 Click on the “Go to Password Checkup” box. This link takes you to your Google log in:
After logging in, the Google Password Checkup wizard will display the results of your checked passwords:
Selecting each section will display the sites that need to have the passwords changed. Conveniently, Google provides a link to “change password” for each site.
Another benefit from Google, if you happen to go to a website where your password “could have” been compromised, this helpful alert will pop up to let you know you might have a problem.
Administration
If you don’t use Google Chrome, there are a few sites you can check:
https://haveibeenpwned.com/Passwords and https://breachalarm.com/
The simplest way to protect yourself is use a password manager to create random, complex and unique passwords for every site or service.
This also ensures your passwords are stored in an encrypted database. There are many solutions available (some paid/some free). I’d recommend you do your research and pick the one that meets your needs (Link 1 & Link 2 - best password managers for 2020).
If websites use two-factor authentication, please start using this as it provides a second layer of protection.
Two factor authentication is a method in which a computer user is granted access only after successfully presenting two or or more pieces of evidence to an authentication mechanism.
Password management is an important part of protecting your online presence so take the time now to keep yourself protected!
Administration
New Upgrade to DOTCMS Goes Live
By: Alan Hilton
The DOT Content Management System (DOTCMS) is the Department of Transportation’s online searchable archive system for storage of documents in electronic form. On August 3, a new upgrade of DOTCMS was launched, representing the culmination of a major project effort undertaken by DOT/ ADMIN Division personnel from the Computer Systems & Services Office (CSS), and the Business Management Office (BUS).
The original DOTCMS, first brought on line in the early 2000s, saw it’s last major upgrade in 2010. By late 2018, the operational system was running technology no longer supported by the principal vendor (IBM), creating a need to upgrade DOTCMS to a newer, vendor-supported environment. The upgrade that just launched was initiated with major work starting in the first quarter of 2019, with a prototype concept being shown to the DOTCMS end-user support team, consisting of personnel from BUS, CSS, and their contracted consultant, ThoughtFocus Inc. The long journey to upgrade, starting from early 2019, reached its final goal with the recent “Go-Live” announcement sent on August 3rd, 2020, to over 500 registered users comprising the DOTCMS user community located in office units throughout all four DOT Divisions. DOTCMS serves a variety of archival and access functions for a wide range of DOT document types. These include Administrative and Contracts-related documents, official DOT Correspondence, financial documents such as Audit Reports and Summary Warrant Vouchers, Program and Project documents, Property Agreements, and Property Insurance documents. DOTCMS also provides some specialized functions for certain Divisions, like serving as a back-end for Harbors Division’s GIS system, and providing hyper-linked resources used within Airports Division’s property management system (AIRMIS21). It even includes a directory to legacy archive collections, like microfilmed records that were created prior to 2002, should they ever be needed for retrieval in support of current DOT projects.
File Room staff of the BUS Office Services section (BUS-O) provides central filing services for DOTCMS. The document image files stored in DOTCMS are saved in PDF/A searchable format, which includes both the image of the original document and the text created from conversion into computer readable characters. Primary information about documents, referred to as “property values”, are entered by BUS-O staff and saved in document profile records to pro-
