Skip to content Skip to main navigation

News

Avani Terraces - Greenway
Life is looking up

Library goers need to change their pins

By Barcham - 23 July 2013 6

Do you have an account with Libraries ACT?

Have you failed to protect yourself with what may be the most basic form of account protection ever by changing your pin from the default, or not making it 1234?

Ok, then go fix that.

Library members who use the online section of Libraries ACT’s website are being urged to update the Personal Identification Number (PIN) associated with their account if they have an easily identifiable number such as a sequential number, a birthday or a series of numbers from their membership card.

This comes following advice from an individual who contacted Libraries ACT indicating that they were able to gain online access to 35 library accounts with ‘weak’ PINs.

“The ACT’s 206,000 library members can use their online accounts and associated PIN to extend loans, reserve items, access e-resources or check on current loans. The Libraries ACT website holds limited personal information and no financial details; however Libraries ACT is establishing a process to strengthen online security,” said Minister for Territory and Municipal Services, Shane Rattenbury.

“In order to strengthen security arrangements, Libraries ACT is asking any members who still use the default PIN that was issued with the card or who have a weak PIN, such as a sequential number or a birthday, to create a new one.

“We are asking members to update their PINs by Wednesday 7 August 2013 through either Libraries ACT’s website using the My Account tab or in person at a branch.

“A message to prompt members to make this change will be placed on Libraries ACT’s website(www.library.act.gov.au) and signage will be displayed in all ACT public libraries with this information.

“Libraries ACT is contacting all 35 card holders who may have been affected to inform them of the breach and the matter has now been referred to ACT Policing.

“After Wednesday 7 August, accounts with weak PINs will be blocked from the My Account section of Libraries ACT’s website. Members will then need to visit a library branch to change their PIN. PINs cannot be changed over the phone or via email.”

Mr Rattenbury said that library members can still borrow, renew or request items from library branches.

Anyone who wants more information is encouraged to ring 6207 9405 or visit a library branch.

What’s Your opinion?


Post a comment
Please login to post your comments, or connect with
6 Responses to
Library goers need to change their pins
Sandman 9:24 am 25 Jul 13

Martlark said :

I’ve got one word for you Kim, “Facebook Login”.

Um, that’s 2 words.

Martlark 8:02 pm 24 Jul 13

I’ve got one word for you Kim, “Facebook Login”.

Alderney 2:07 pm 24 Jul 13

Who has the time to sit around and ‘test’ the security of rhe ACT Library system?

My god, get a life…

switch 11:49 am 24 Jul 13

Primal said :

Minimum characters is one thing, but mandatory upper case and symbols quickly take us into ‘massive PITA’ territory when it comes to recall. Given what’s at stake, it’s not worth the bother. If people aren’t using non-obvious passwords at this point, it’s their own damn fault.

Agreed. Apart from reserving books in your name and requesting extensions to your borrowing time, just how is hacking your library account going to bring on the end of civilisation as we know it?

Primal 10:41 am 24 Jul 13

enrique said :

Why doesn’t the ACT Library introduce a mandatory *stronger* password system. i.e. a minimum number of characters including combinations of letters (upper and lower case), numbers, and symbols?

Minimum characters is one thing, but mandatory upper case and symbols quickly take us into ‘massive PITA’ territory when it comes to recall. Given what’s at stake, it’s not worth the bother. If people aren’t using non-obvious passwords at this point, it’s their own damn fault.

enrique 8:57 am 24 Jul 13

Why doesn’t the ACT Library introduce a mandatory *stronger* password system. i.e. a minimum number of characters including combinations of letters (upper and lower case), numbers, and symbols?

If the rest of the online world can do it why can’t ACT Library customers?

The current login password system implemented by the ACT library is trivial by any standards. As Bruce Schneier would say, what they have is a ‘security theater’ (i.e. for show purposes only).

Related Articles

CBR Tweets

Sign up to our newsletter

Top
Copyright © 2017 Riot ACT Holdings Pty Ltd. All rights reserved.
www.the-riotact.com | www.b2bmagazine.com.au | www.thisiscanberra.com

Search across the site