Core Administrative System Self-Service Security FAQ

What are the requirements for a Core Administrative System Self-Service password?

Your password must be at least 8 characters long and contain at least one numeric digit. It will expire after 180 days and will begin warning you that you need to change it 30 days before the expiration date. You may not re-use a password. To minimize the chance of someone guessing your password, use a mix of upper and lower case letters and avoid using words people might associate with you, such as names of family members or pets.

To fully protect your self-service information access:

  • Never share your password with anyone, including family members and Williams OIT staff.
  • Don’t use the same password for Self-Service that you use for other online accounts.
  • Don’t write your password down and leave it near your computer.
  • Don’t allow the web browser to save your login information, since it can be seen by others with access to the computer.
  • Keep your User ID confidential. You can share it with OIT staff.

How easy is it for someone to break in to my account?

If you keep your password secure and only log in from computers you trust, it is very, very difficult for someone to break into your account. If someone (including you) tries to sign in and fails 10 times in succession, your account will be locked and can only be unlocked by making a request to the Registrar’s Office or Human Resources.

How secure is my information as it travels over the Internet?

You will notice that the Self-Service URL’s begin with ‘https://’. The ‘s’ in ‘https’ means that all the information traveling over the internet between the Self-Service database and the computer you’re using to access it is encrypted. This is known as SSL (Secure Sockets Layer) encryption. You can verify that SSL is in use by looking for a padlock symbol to the right of the URL at the top of your browser window (or at the bottom right for Internet Explorer 6).

Who else has access to my personal information?

Your personal information is only accessible by authorized Williams College staff employees and via your self-service user ID and password. Never share your password with anyone.

Will any trace of my self-service information be left on the computer I use, where someone else could see it?

The core administrative systems instruct your web browser not to save (cache) any personal information. All commonly-used web browsers with a default setup should honor this request, but it’s important to only use computers you trust. Using a computer at work should be reasonably safe, and your home computer may be safe if you don’t share it with too many people (teenagers for example). We don’t recommend using other computers.

Commonly-used web browsers permit you to delete information the browser may have saved (cached) on the computer’s hard disk. We recommend you do this if you must use public or shared computers.

In Internet Explorer 7 & 8, select Tools, Delete Browsing History… .
In Mozilla Firefox, select Tools, Clear Recent History… .
In Safari, select Safari, Empty Cache… .

What if I forget to sign out?

The core administrative systems will automatically sign you out after 20 minutes of inactivity. But to fully protect yourself, always remember to sign out.