What to Protect the Most?
Two important accounts:
CAS – Charles University Authentication Service
Charles University Authentication Service (CAS) is used
- to authenticate users for many applications (in particular in Student Information System)
- setting secondary passwords in other systems (e.g. wifi network eduroam)
- for identity federation eduID.cz
By breaking the CAS account, the attacker would gain access to a large number of services and a wealth of information.
Breaking a mail account would give the attacker
- information in archived emails
- the ability to send trustworthy-looking phishing emails to your colleagues or other universities
- the ability to reset passwords of other services
Especially for these two accounts, the user must not share login details with anyone and the same password must not be used for any other service – whether external or within the university network.