Account Security

HMS Information Technology

More... Share to Twitter Share to Facebook
Account Security

SafeCode

To ensure the integrity of all personal data, password changes at HMS include a mandatory process called SafeCode. Whenever a password reset is requested, a code to complete the reset will be sent to your cell phone (or optionally your non-HMS email address) to protect your account. This single use code must be entered correctly before you will be allowed to continue on to change your password. All SafeCodes expire within 10 minutes and can only be used once.

To change SafeCode device information (such as changes in the cell phone carrier), you will need to log into your eCommons account at http://ecommons.med.harvard.edu. Once logged in, select preferences, and then security tab. Change your SafeCode device information and save the changes.


Compromised Systems

Please report any security breach immediately to: ithelp@harvard.edu.

When a machine is suspected of having been infected or compromised HMS IT works to prevent the device from obtaining an IP address should the user plug the device into a different jack.  Any system that likewise causes performance issues or denies services shall be removed from the network and also from DHCP. Suspicious devices are identified through a combination of a perimeter IDS (Intrusion Detection Systems), firewall logs, and other tools.

For more information on account security please visit the Accounts & Access page.