Staff Password Reset

  • On Monday, June 17, 2019, MPCSD staff email accounts were compromised through a phishing scheme. Many staff members fell victim to a phishing scheme from what appeared to be an mpcsd teacher’s email account. The phishing request asked the staff member to enter their google password. From there, erroneous and inflammatory emails were sent as though they were from MPCSD staff.

     

    As a result, MPCSD has reset everyone’s email password. Staff will be required to submit a new password form to the District Office

     

    In addition, it looks as though some of the apps we use may have been compromised by the same phishing scam. We will be contacting those companies and access will be reset.

     

    Here are important directions to follow:

     

    1. Reset ALL of your passwords to apps/sites that you regularly use, especially if the password you used is the same as the one you used to access your staff email. Create different passwords for your apps from the one you intend to create to access your work email. To the extent possible, create unique passwords for each app you use.

    2. In general, DO NOT click-on links in emails unless you are reasonably confident that the link is legitimate (e.g you are expecting a link from that person). If you do click on a link and it asks you to re-enter your user name and password ASSUME it is a phishing scam and do not enter that information.

    3. To reset your district email password, you will need to come to the District Office in person to submit your password reset form. Please complete the form and bring to the District Office between 8:00 a.m. and 3:00 p.m. Monday through Friday. You will need to be the one to bring the form to the office. Please see email password Do's and Don'ts below. Only in urgent need situations will we reset passwords over the phone. To arrange password reset over the phone, please contact Lanita Villasenor at the DO. You will be required to provide personal information to reset your password.

     

    If you have information related to this breach, please contact the Superintendent’s office.

Password Dos and Don'ts

  • DO use a combination of uppercase and lowercase letters, symbols and numbers.

    DON'T use a password that is similar to your previous password.

    DON'T use commonly used passwords such as 123456, the word "password," “qwerty”, “111111”, or a word like, “monkey”. 

    DO make sure your user passwords are at least eight characters long. The more characters and symbols your passwords contain, the more difficult they are to guess.

    DON'T use a solitary word in any language. Hackers have dictionary-based systems to crack these types of passwords. If you insist on using a word, misspell it as much as possible, or insert numbers for letters. For example, if you want to use the phrase “I love chocolate” you can change it to @1L0v3CH0c0L4t3!

    DON'T use a derivative of your name, the name of a family member or the name of a pet. In addition to names, do not use phone numbers, addresses, birthdays or Social Security numbers.

    DON'T use the same password across multiple websites. If remembering multiple passwords is an issue, you can use a password manager such as LastPass to securely store your passwords.

    DO use abbreviated phrases for passwords. You can choose a phrase such as "I want to go to England." You can convert this phrase to an abbreviation by using the first letters of each word and changing the word "to" to a number "2." This will result in the following basic password phrase: iw2g2e. Make it even more complex by adding punctuation, spaces or symbols: %iw2g2e!@

    DON'T write your passwords down, share them with anyone or let anyone see you log into devices or websites.

    DO log out of websites and devices when you are finished using them.

    DON'T answer "yes" when prompted to save your password to a particular computer's browser. Instead, rely on a strong password committed to memory or stored in a dependable password management program.