DPSAC News - Year in Review
Some Headlines & Excerpts from Past Issues of DPSAC News in 2012. Clicking on the date will take you to that issue of the newsletter.
NED Training Schedule Set for January, February, March, 2012
The HSPD-12 Program Office is offering a series of classes in January, February and March for NED beginners and experienced NED users. Take advantage of this opportunity to quickly master NED in a hands-on computer lab environment.
NED Self Service - How NIH Staff Can Update Their Own NED Record
The accompanying graphic, prepared by the HPSD-12 Program Office and the NED Project Team, illustrates the steps individuals can take to update their NED record.
Do not lend your ID badge to anyone to gain access to NIH facilities -- lending out your ID card is prohibited. The issuance of the new HHS ID Badge is based on strict identity proofing and the determination of one's suitability for a specific position classification.
January 25, 2012
NIH Establishes E-mail Format Requirements
The NIH Office of Management Working Group on Improved Communications has established new guidelines to streamline and increase effectiveness for e-mail communications. These guidelines, described below, are intended for use by all NIH employees, contractors and affiliates.
News Briefs - Emerging 'Near Field Communication' technology could alter access control landscape
Excerpted from GSNMagazine.com, January 18, 2012
By: Jacob Goodwin
A relatively new technology known as Near Field Communication, or NFC, is spreading rapidly through high-tech sectors of the economy and will soon begin touching different aspects of the security sector. NFC enables electronic devices, such as smart phones and other portable handheld units, to communicate with each other at short distances -- and conduct safe and secure two-way transactions.
NFC is likely to change the way individuals authenticate themselves outside a locked door, and how an organization's access control system eventually instructs that door to be unlocked, according to Brent Bowen and Laurent Sanchez, of Inside Secure....
February 8, 2012
Coordinate Legal Name Changes in NED with the NIH IT Service Desk
The NED Project Team wants AOs/ATs who update a person's name in NED to instruct the individual to contact the NIH IT Service Desk (301-496-4357 or http://itservicedesk.nih.gov/support/) in order to complete the name change process.
NED automatically generates a new HHS ID badge request following the update; however, a name change often involves getting a new Active Directory (AD) user name and primary e-mail address as well. When this happens, a person must obtain new digital certificates on their HHS ID badge ("PIV card") so it works for logical access....
PSC Regional Offices Now Offer Enrollment, Badge Issuance and Certificate Renewal Services to NIH Personnel
The NIH has contracted with the Program Support Center (PSC) to offer badging services at its Regional Offices to NIH personnel located around the country. This arrangement provides a solution for the many individuals who require enrollment or badge issuance services as well as certificate re-certifications, but travel to DPSAC's facilities in Bethesda or other satellite locations would be impractical.
Temporary Lifting of Security Freezes on Credit Information Required for Some Security Checks
The following article...is reprinted periodically to remind individuals who will occupy positions of public trust or higher to temporarily lift security freezes on their credit files so that OPM is able to complete background checks on them.
The Office of Personnel Management (OPM), Federal Investigative Services Division (FISD), has experienced an increase in the number of national credit bureau checks that are unobtainable due to individuals of investigation placing a security freeze on their credit file....
When OPM-FISD is unable to obtain a tri-bureau credit report due to one, two, or all three bureaus having a security freeze, the overall effect is an incomplete investigation....
In order to ensure the quality of OPM's investigative products, effective immediately, if you have a security freeze in place, it must be temporarily lifted prior to submission of the e-QIP to the DPSAC office. This requirement applies to national credit bureau checks which are conducted as extra coverage for positions of 'public trust' or higher....
February 22, 2012
Mandatory Smart Card Use for Remote VPN Access to NIH Net -- Another Reason to Renew Your PKI Digital Certificates
Until now, the principal reasons to renew your smart card PKI digital certificates were to enable the sending and receiving of encrypted e-mail and to digitally sign e-mail messages. Also, up-to-date smart card certificates have been required for those who must use their card to login to the NIH network [e.g., AO Sponsors and others who need to access restricted sites on the network].
Starting March 1, 2012, individuals who use remote VPN to access the NIH Net will need to use their smart cards (with up-to-date PKI digital certificates) to login....
All NIH Remote Access Users to be Moved Into Two-Factor VPN Groups
On March 1, ALL NIH remote access users will be moved into 2-Factor VPN groups. The elimination of single-factor VPN groups is a necessary step in finalizing NIH's transition to 2-factor authentication for remote access.
ICs and DPSAC Make It Easy to Renew Smart Card Digital Certificates
PIV cardholders receive a 'certificate expiration notification' from HHS six (6) weeks prior to the certificate expiration date. These e-mails alert the Cardholder of the impending expiration and provide OPDIV-specific directions on how to get their certificates renewed.
NIH PIV cardholders can select from one of two options to renew their certificates (and reset their PINs):
1. Make an appointment with their IC's local Lifecycle Work
Station operator.... This option is usually the most convenient
and time saving alternative.
2. Make an appointment to visit one of DPSAC's Badge Issuance
offices on campus.
ICs prepared to help with PIN resets, certificate renewals -- DPSAC is urging all ICs to reach out to their staffs to use their local LWS resources for PIN resets and certificate updates.
DO NOT fax e-QIP investigation questionnaires when submitting other required e-QIP paperwork -- Faxing the entire questionnaire (which can run over 60 pages) wastes paper, slows down the investigation process, and ties up the fax machines. If DPSAC staff need to review the questionnaires, they can do so electronically.
March 7, 2012
Improper Entries in SF-86 'Cohabitant' Field Will Trigger Unnecessary Background Search
The Office of Personnel Management, Federal Investigative Services (OPM-FIS) recently published an advisory warning that some individuals filling out the SF-86 form in their e-QIP application are improperly entering "Relative" information in the 'Cohabitant' section or are improperly providing "Spouse" information in both the "Spouse" AND "Cohabitant" sections of the form.
The SF-86 provides the following instructions regarding a 'cohabitant':
"A cohabitant is a person with whom you share bonds of affection, obligation, or other commitment, as opposed to a person with whom you live with for reasons of convenience (e.g. a roommate)....
Updating Your Digital Certificates - The Rest of the Story
You may think that once you've updated your digital certificates (or retrieved your old certificates) your job is done and you can continue to receive and read encrypted e-mails. Not quite.
To continue reading encrypted e-mail with your new certificates, a couple of additional steps are required:
1. You'll need to publish your new certificate to the Global Address List (GAL)....
2. You'll need to make sure the SENDER has updated their local contacts list with your new certificates....
March 21, 2012
Upcoming Changes in NED
There are several new changes coming to NED in the next release scheduled for April 16, 2012. The biggest change modifies the existing badge process. NED will only allow one active badge service request at a time....
Another major change to the badge issuance process will impact applicants designated as a foreign national working at the NIH. The Division of International Services (DIS) will verify that all individuals placed at the NIH who are not U.S. citizens or lawful permanent residents have been lawfully admitted to the United States, and are undertaking activities at NIH that are appropriate for their immigration status.
DIS must clear a foreign national before he or she is eligible for an NIH Identification Badge initial request or badge reissuance due to legal name change.
April 4, 2012
Responding to Letters of Interrogatory
When issues are discovered during the adjudication of a case, no matter how minor, DPSAC is required to follow up with that person and provide a response to the Office of Personnel Management (OPM).
A DPSAC staff member may contact the individual (employee, contractor or affiliate) by e-mail, telephone or by certified mail to that person's home address. If the individual does not respond in the time allowed, s/he will be referred to the appropriate officials for termination. If more time is needed to respond, the individual is given the opportunity to request an extension.
View Individual Certificate Expiration Dates by IC
The 'cert' expiration dates are posted at: http://smartcard.nih.gov/PKI_subscribers.htm. The first bullet on that page shows an NIH Smart Card badge holder Excel sheet ... that includes 'Cert Expiration Date.'
April 18, 2012
NIH to Require HHS ID Badge Smart Card and PIN for ITAS Login Starting June 18, 2012
The NIH is changing the way its workforce accesses information systems and the network. As reported recently in DPSAC News, the first phase of this logical access implementation was completed on March 1, 2012 when two-factor authentication was required for VPN remote access. The NIH is currently working towards the next two milestones:
1. June 18, 2012: all Federal employees will be required to use their HHS ID Badge smart card to access the Integrated Time and Attendance System (ITAS). Logging into ITAS with a username and password will no longer be available following this deadline.
2. March 29, 2013 (tentative): the entire NIH community (employees, contractors and affiliates) will need to use their HHS ID Badge smart card to access the NIH network on personal computers that run Windows. A computer will log a user off if a smart card is not used to login.
STOP! Before You Change Position Information in NED...
DPSAC is reporting an increase in the number of unnecessary changes to the Position Information fields in NED.
In NED, Position Information is captured to determine a position's sensitivity level and to signal the appropriate background investigation that must be completed....
The position information entered into NED is sent to DSPAC so they know which background investigation to initiate. Please note that NED only collects Position Information when it is required by DPSAC.
It is important to remember that as an AT or AO, you should not change an individual's Position Information unless it is truly required....
May 2, 2012
ORS Launches First NIH Pilot to Test HHS ID Badge Smart Card Login to the NIH Network
On April 12, 2012, ORS became the first group at NIH to participate in a pilot to test 'smart card login' with an HHS ID Badge and PIN to access the NIH network.
Transitioning to a login policy that replaces username/password login with HHS ID Badge smart card/PIN login at NIH is part of the Federal government's continued implementation of HSPD-12 to safeguard the Federal community, information, systems, and facilities through identity certification and access management....
New Lifecycle Work Station Operator Training Guide Posted Online
May 16, 2012
June 18, 2012 Deadline Fast Approaching for Mandatory HHS ID Badge Smart Card & PIN Login to ITAS
...starting June 18, 2012, NIH will transition to mandatory use of the HHS ID Badge smart card and PIN (two-factor authentication) for everyone logging into the Integrated Time and Attendance System (ITAS). Logging into ITAS with a username and password will no longer be available to Windows users following this deadline....
CIT Launches Site to Test HHS ID Badge Smart Cards
The Center for Information Technology (CIT) has created a simple test site that allows people to try smart card login through a simulated iTtrust (NIH Login) page. You can confirm your PIN and check if your digital certificates on your HHS ID Badge are working. Visit the test site at: http://testmysmartcard.nih.gov.
Online table of expiring digital certificates by IC now viewable only by ISSOs -- the directory that shows digital certificate expiration dates by IC has moved. These files, which were previously accessible to anyone who could log into http://smartcard.nih.gov/PKI_subscribers
, are now viewable online only by ISSOs....
PIV SmartCard Access to myPay Now Available --
the Defense Finance and Accounting Service (DFAS) recently announced that starting April 30, 2012, individuals can use their HHS ID Badge smart card and PIN to access their myPay account.
May 30, 2012
Legacy Badges Instead of HHS ID Badges for NIH Workers Ineligible for Social Security Numbers
DPSAC reports seeing an increase in the number of individuals who are ineligible for a social security number due to a variety of work visa situations. In these cases, individuals do not qualify for, nor should they have been be issued an HHS ID Badge (PIV card).
According to DPSAC, individuals ineligible for a social security number who have been issued an HHS ID Badge will need to replace their HHS ID Badge with an NIH legacy badge. If these individuals need logical access, they will need to work with their AO.
Individuals who don't have a social security number cannot have a background investigation; and, without a background investigation, these individuals cannot be issued or possess a PIV card (HHS ID Badge). This policy is cited in FIPS-201-1.
DPSAC is currently in the process of deactivating HHS ID Badges (PIV cards) for those who do not have a social security number in NED.
NED Job Aid Updated -- The job aid titled, "Comparing NTE Date with ID Badge Expiration Date" has been updated to reflect the revised life cycle of the HHS ID Badge. The ID Badge Expiration Date will default to five (5) years unless determined by an AO/AT or by DPSAC to be shorter in length.
Keep your passwords up to date -- Everyone transitioning away from username/password to HHS ID Badge smart card/PIN login will still need to update their password when they receive an e-mail notice that their password is about to expire. Otherwise, they will be locked out of their computer until they have updated their password, even though they may not be using their password for login.
June 13, 2012
Exemptions to Mandatory HHS ID Badge & PIN Login to ITAS
Some users will be granted an exemption to the ITAS smart card login requirement. Exemptions fall into five categories:
- Users who will not be issued an HHS ID Badge (PIV card) such as OCONUS and summer students.
- Users who are unable to use an HHS ID Badge (PIV card) such as individuals who may be physically unable to operate a card reader and PIN pad.
- Users who are temporarily unable to use an HHS ID Badge (PIV card) such as individuals who are waiting for their HHS ID Badge to be issued, or have a lost, broken or stolen HHS ID Badge.
- Users who do not have access to a government-furnished computer running Windows, such as Macintosh computer users.
- Users who are unable to resolve issues with their HHS ID Badge (PIV card) in the timeframe available for the temporary access such as individuals who have issues while on extended travel.
To request an exemption based on one of the criteria above, individuals should contact the NIH IT Service Desk at 301-496-4357 or submit a ticket online at: http://itservicedesk.nih.gov/support.
No Signed e-QIP Signature Pages Means No HHS ID Badge!
Effective immediately any new NIH employee, contractor or affiliate who needs a background investigation (i.e., who does not have a background investigation on file) will need to complete e-QIP and submit their e-QIP signature pages to DPSAC prior to the HHS ID badge being released for issuance. Please contact the DPSAC Helpdesk at 301-402-9755 if you have questions about the status of an applicant's badge.
June 27, 2012
NIH Ready to Launch New ITAS Login Process Requiring PIN and HHS ID Badge
The Integrated Time and Attendance System (ITAS) transition to smart card login will go live on the evening of July 2, 2012. Starting on July 3, ITAS users will need to log in with their PIV card (aka HHS ID Badge or smart card) and Personal Identification Number (PIN) instead of their username and password.
July 11, 2012
NIH Begins Using New ITAS Login System
Mandatory use of the PIV Card (aka HHS ID Badge) and PIN to access the Integrated Time and Attendance System (ITAS) went live at NIH on the evening of July 2, 2012.
What's On YOUR PIV Card (aka HHS ID Badge)?
You may be wondering what type of information is contained in the Personal Identity Verification (PIV) card (aka HHS ID Badge) that hangs around your neck. The answer is provided below. Note that NO personally identifiable information (PII) is included.
The information on your PIV card (HHS ID badge) includes:
- Your photograph
- Your full name
- Your HHS Operating Division (NIH)
- Badge expiration date
- Badge serial number
- Federal agency smart credential number (FASC-N) (which uniquely identifies your OPDIV and you)
- An authentication key
- Two electronic representations (algorithms) of your fingerprints
The following information will NOT be on your ID badge:
- Social Security Number
- Addresses
- Phone numbers
Golden Questions No Longer Needed to Access e-QIP
e-QIP users are no longer required to answer 'Golden Questions' to access the e-QIP system. In place of the Golden Questions, e-QIP users will now enter a username and password.
July 25, 2012
Notice to Update Expiring Certificates Revised
Forty-two (42) days before the digital certificates stored on an individual's PIV Card/HHS ID Badge expire, the Department sends out a reminder to the badge holder to update his/her certificates. Due to recent technical difficulties with the scheduling system embedded in the original notification, the Department on Monday July 20, started sending out (a) revised notice. In place of the scheduling system link, the revised e-mail provides a link to the directories for LWS operators and locations.
Returning Your HHS ID Badge/PIV Card When Leaving NIH
Individuals leaving the employ of NIH - whether as employees, contractors or affiliates - will need to turn in their HHS ID Badge/PIV card to their Administrative Officer for deactivation in NED. The AO will turn over the deactivated HHS ID Badge/PIV Card to the local badging office.
August 8, 2012
Remember to Return Your HHS ID Badge (PIV Card) When Leaving NIH
Employees, contractors or affiliate who plan to leave the employ of NIH must turn in their HHS ID Badge to their AO so that s/he can deactivate the badge in NED within 18 hours according to the Federal Information Processing Standard-201 (FIPS-201). Deactivated badges should be returned to the badging office for proper disposal.
Individuals with No Social Security Number
CAPT Theresa Minter, Director of the Division of Personnel Security and Access Control (DPSAC), sent the following message to the NIH Administrative Community on August 8, 2012:
Important Message Regarding Individuals with no Social Security Number
For foreign visitors/volunteers/etc. who do not have (and will not be) obtaining a Social Security Number, DPSAC will no longer be able to issue an HHS ID Badge to these individuals. If these individuals require an ID badge for accessing the NIH, they must obtain an "Extended Visitor" badge from the NIH Police.
The process to receive an Extended Visitor badge can be found online at: http://www.ors.od.nih.gov/ser/dp/Pages/PoliceIDCards.aspx .
August 22, 2012
New Code Letters Added to Digital Certificates Will Help Users ID the Appropriate Certificate
As of July, 2012, all newly issued and renewed PIV Card/HHS ID Badge certificates now include a code letter at the end of the "Issued to" name to allow users to easily differentiate between types of certificates -- Authentication, Encryption and Signing. This new code letter suffix defines the use of each certificate, making it easier to identify and select the correct certificate.
Note: certificates issued or renewed prior to July 2012 will not show the code letter.
Below are examples of how the certificates with codes appear:
- John Doe -A - identifies the client authentication certificate
- John Doe -E - identifies the e-mail encryption certificate
- John Doe -S - identifies the digital signature certificate
LWS Operators Now Able to Renew Digital Certificates Expired Beyond One Year
Administrators for the HHS Smart Card Management System (SCMS) have reset the digital certificate renewal parameters so that individuals can now renew their certificates at a Lifecycle Work Station (LWS) even if their 'certs' are expired for more than a year.
Prior to this reset, individuals whose digital certificates had been expired for more than a year needed to visit a badge issuance station to renew their certs. LWS operators could not perform cert renewals for these individuals.
Diagnosing a 'Broken' Smart Card Reader
Sooner or later everyone's smart card reader will need to be cleaned. One sign of a dirty card reader could be a message on your computer stating that it cannot recognize your card type.
Cleaning your card reader is one of the steps listed below that users should follow in diagnosing a "broken" smart card reader:
1. Check if the reader can read *any* smart card.
2. If the reader is external, try a different USB port
3. Clean the reader with a smart card reader cleaner
4. Uninstall and re-install the smart card reader device driver
5. Replace the physical smart card reader
September 5, 2012
Keeping Digital Certificates Current & Knowing Your PIN Becoming Critical for Accessing NIH Resources --
18,000 Digital Certificates Scheduled to Expire Over the Next Six Months.
DPSAC is notifying Lifecycle Work Station (LWS) Operators that they will be seeing an increase in requests to reset PINs and renew digital certificates. This trend will continue over the coming months as more than 18,000 digital certificates will expire between now and March 2013.
It is also likely that more users will need to reset their PINs as ICs begin to implement the requirement to log in with a PIV card (HHS ID Badge) on Windows computers.
PIV Card/HHS ID Badge Tips and Reminders
o Digital certificates can only be renewed if they are within 42 days of
expiration, or if they have already expired.
o Some ICs have elected to deploy the 'Access Card Utility (ACU).'
This software allows individuals to renew their digital certificates at
their computer IF the certificates are within 42 days of expiration
and not yet expired.
September 19, 2012
Paperless e-QIP Process Saves Time, Increases Efficiency
New NIH hires (employees, contractors and affiliates) can now complete and submit both their e-QIP questionnaires and their signature pages electronically. DPSAC is encouraging everyone who receives notification to complete e-QIP to do just that to help reduce paperwork and speed up the PIV process.
October 3, 2012
FY 2013 OPM Pricing Schedule for Background Investigations
The Office of Personnel Management (OPM) recently published the FY 2013 pricing schedule for Background Investigations.
The rates published in OPM Circular Federal Investigations Notice - No. 12-07 - Investigations Reimbursable Billing Rates for FY 2013 have remained unchanged from FY2012. Costs for the five most commonly ordered investigations at the NIH are listed in the table below:
Level of Investigation Required
|
Standard Rate
|
Priority Rate
|
NACI (National Agency Check and Inquiries/Level 1 Non Sensitive)
|
$125
|
n/a
|
ANACI (National Security/Level 2/Secret)
|
$260
|
n/a
|
SSBI (National Security/Level 3 & 4/Top Secret)
|
$4,005
|
$4,399
|
MBI (Public Trust/Level 5b/Moderate Risk)
|
$752
|
$809
|
BI (Public Trust/Level 6/High Risk)
|
$3,189
|
$3,780
|
NED Discrepancy Reports Help Enhance Quality of NED Data
According to NED News, there are three types of NED Discrepancy Reports:
1. "NED-HRDB comparison" or "NED-FPS2 comparison" identifies inconsistencies between data fields contained in NED records and corresponding records in HRDB (Human Resources Database) and FPS2 (Fellowship Payment System). Record comparison relies on the SSN.
2. If the SSN contained in a person's HRDB or FPS2 record does not match an SSN in a NED record, the person is included in the "in HRDB-not NED" or "in FPS2-not NED"discrepancy report
3. If the SSN contained in a NIH FTE or Fellow's NED record does not match an SSN in HRDB or FPS2, the person is included in the "in NED-not in HRDB" or "in NED-not in FPS2" discrepancy report. October 17, 2012
An Online Guide for Replacing ID Badges
AOs will find "ID BADGE Re-Issuance Procedures" a useful guide that spells out the procedures for replacing badges under various scenarios, including lost or stolen badges, classification changes, renewals, broken or damaged badges and name changes. You may want to bookmark this guide, which is posted ... under the 'What's New' section of the ID Badge website ( www.idbadge.nih.gov).
October 31, 2012
Master NED with Free Computer Lab Courses
The HSPD-12 Program Office offers NED courses to meet the needs of both novice and veteran NED users. Mastering NED will become increasingly important as NIH expands HHS ID Badge functionality to include logical access ... as part of the continued implementation of HSPD-12.
Acceptable (and Unacceptable) Forms of ID for Badge Enrollment and Issuance
What do fishing licenses, non-NIH hospital staff ID cards, bank cards with photos and contract-company IDs have in common? All of these credentials are UNACCEPTABLE as proof of identity for purposes of badge enrollment and badge issuance when obtaining a PIV Card (HHS ID Badge).
When an individual is sponsored for a new PIV Card (HHS ID Badge), s/he will receive an e-mail with instructions to schedule an Enrollment appointment with DPSAC. The e-mail will advise the individual to bring two forms of acceptable identification. One must be a Federal or State-issued photo ID and both must be unexpired.
Lifecycle Work Station (LWS) Training Video Now Available for LWS Operators
DPSAC recently added an LWS training video to its website [http://www.ors.od.nih.gov/ser/dpsac/training/Pages/lifecycle.aspx] to assist new LWS operators as well as operators who may need a refresher on renewing digital certificates or resetting PINs.
November 14, 2012
Avoid Getting Locked Out -- Take Your PIV Card With You
By March 29, 2013, more than 35,000 employees, contractors and affiliates will be using their PIV Cards (HHS ID Badges) instead of their user name/password to log in to their Windows computers.
November 28, 2012
Position Level Selection Changes in NED - An Update
The NIH HSPD-12 Program Office is making some changes to the selection of Position Levels available in NED (as part of the NIH Form 2866: Position Sensitivity Worksheet).
With recent changes to the Division of Extramural Activities Support (DEAS) at NIH, the following position titles will be removed from NED:
DEAS Staff -- Management (non-IT staff)...................... 1 DEAS Staff -- Non-management (non-IT staff)............... 1
In their place, the following position category will be added:
Extramural Support..................................................... 1
Please note: the new "Extramural Support" position selection is scheduled to be added to the next NED release in early 2013.
December 12, 2012
HHS's Automated Certificate Renewal Notice Now Includes a 'Renew-From-Your-Desktop' Option
The digital certificate renewal notification that the Department automatically sends to PIV Card holders 42 days before their 'certs' expire has been revised to give card holders the option of renewing their certificates from their Windows computer.*
To renew certificates at a Windows computer, the individual's PIV Card certificates must still be valid (i.e., not expired), the Access Card Utility (ACU) software must be installed and the cardholder must know his/her PIN. This new capability should make the cert renewal process quick and easy.
'ActivClient' Software Required for 128k PIV Cardstock to Work with Windows Computers
NIH began issuing HHS ID Badges using cardstock with enhanced storage capabilities. The new badges contain 128k computer chips, essentially doubling the storage capacity of the 64k chips currently in the PIV Cards/HHS ID Badges at NIH.
When digital certificates on a 64k PIV Card are renewed, the previous certificates are removed from the card while new certificates replace them. In order to open encrypted e-mails that were sent or received previously, the removed certificates will need to be recovered using the HHS Identity PIV Portal. A description of this process is posted on the NIH Knowledge Base at: http://go.usa.gov/g2Nj. For 128k cards, however, key recovery is generally unnecessary since the five (5) prior e-mail encryption keys will be stored in the larger capacity card.
Action required for 128K cards to work on Windows computers
Responding to early reports that users of the 128k cards were unable to use their new cards to log on to their Windows computers, CIT determined that it was necessary to install and patch ActivClient.
CIT recently alerted all IC IT departments to the problem and have provided guidance for installing and patching ActivClient on Windows desktops and laptops for both Windows XP and Windows 7. ActivClient and its hotfix are available for download from CIT's Information Systems Distribution Procurement (ISDP) Program at: http://isdp.nih.gov/isdp/version.action?prodid=127.
How to Correctly Change your Password on Windows 7...and Avoid Disabling Your PIV Card
The NIH IT Service Desk reports that some people using Windows 7 are accidentally changing their PIN when they thought they were changing their Password.
The problem is occurring when they log on with their PIV card and get prompted that their password will expire soon. When attempting to change their password, they DON'T read the box that gives them the option to switch from 'PIN' to 'Password.'
By selecting the wrong box, users can accidentally change their PIN and even worse, change it to the wrong format which will disable the PIV Card.
The NIH Knowledge Base has posted complete instructions as well as a video on how to change or reset an NIH Active Directory password on a Windows 7 computer at: http://go.usa.gov/gUBh.
***
Throughout the year, the DPSAC News Safety Corner has featured articles prepared by ORS Security and Emergency Response Divisions on timely safety tips to help protect the NIH community and their families.
- Help Us Help You! - Know How to Spot Common Fire Safety Hazards in the Workplace (1-11-12)
- Awareness of Common Fire Safety Features in Laboratories Can Save Lives and Protect Research (2-8-12)
- Basic Personal Defense Course for Women Fills Quickly - NIH Police Accepting Names for Future Classes (2-22-12)
- Fire Safety Tips for Using Personal Computers (3-7-12)
- New "311" Non-Emergency Number Available on NIH Bethesda Campus (3-21-12)
- Fire Hazard Reporting Tool Makes It Easier to Report Fire Safety Issues (4-18-12)
- Be Prepared for a Fire Emergency in Your Workplace! (5-16-12)
- Strange Odor in the Workplace? (8-8-12)
- The Fire Safety Dangers of Having Too Much Stuff in the Workplace and in the Home (9-5-12)
- Have 2 Ways Out (10-3-12)
- Play it Safe When Using Space Heaters in NIH Buildings (10-31-12)
- Fire Safety During the Holiday Season (11-28-12)
|