Network News

X My Profile
View More Activity


Posted at 12:30 PM ET, 02/ 4/2010

MCPS orders teachers to change passwords

By Valerie Strauss

Montgomery County school officials are ordering all employees to create new computer passwords after students hacked into the computers at Churchill High School to change grades.

The Montgomery County Parents’ Coalition, tireless watchdogs of the Weast administration, have obtained an e-mail sent to all employees in the school system from from Chief Technology Officer Sherwin A. Collette, with a subject line that says: ACTION REQUIRED: Network Security Measures

The e-mail reads in part:

“This is to notify you that over the next few days all employees will be prompted to change their password when logging on to their Montgomery County Public Schools (MCPS) computer. This password is the same as your Outlook password. All passwords used to log on to MCPS computers will expire by Wednesday, February 10, 2010. It is important that you follow the instructions on the screen when prompted to change your password. Your new password should be at least eight characters long and contain at least one capital letter and one number. These new guidelines strengthen your password and are consistent with mandatory password requirements that had been scheduled to begin in March 2010 for all current employees. Please see Attachment A to view instructions for changing your password. Along with the new password formatting requirements, employees will be required to change their passwords at least every 120 days. At any time, if you believe your password has been compromised, you should change it immediately and notify your supervisor.”


It turns out that the Churchill incident wasn’t the only time in recent months that kids have hacked into school computers in the county; at Whitman High School, the student newspaper black&white reported on Sept. 30, 2009, that a student had broken through the security barriers on Whitman’s Pinnacle grading system and changed some grades.

That story quoted assistant principal Jennifer Webster as saying that officials were using the incident to tighten up security on the system. In this case, Webster said, the student did not get into the system through a staff member’s network account.

The story said the student was disciplined “accordingly.” I asked district officials what action was taken against the student but haven’t yet heard back. It seems to me that kids who hack into a school's computer system ought to be expelled from the school. (Do you agree?)

At Churchill, my colleagues Michael Birnbaum and Jenna Johnson reported that about a half-dozen students appear to be involved in the hacking scheme, which, officials said, may have involved the installation of equipment on teachers’ computers that could obtain the passwords used to access the online grading system.

I initially thought the kids who did this must be pretty clever, but I’ve been disabused of that notion; YouTube offers users their pick of videos on how to hack into a school computer.


Follow my blog all day, every day by bookmarking http://voices.washingtonpost.com/answer-sheet/

Follow all the Post’s Education news & blogs on our Facebook fan page, the "PostSchools" feed on Twitter or our Education home page at http://washingtonpost.com/education.


By Valerie Strauss  | February 4, 2010; 12:30 PM ET
Categories:  Montgomery County Public Schools  | Tags:  computer hacking, montgomery county public schools  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Recess and academic achievement
Next: Yale saves with colder buildings

Comments

Should hackers be expelled from school? I say, YES! If they're 16 years old or older, they can take the GED and continue their education at Montgomery College -- at the family's, not the taxpayers', expense. If they're not 16 yet, suspend them long enough to ensure they won't graduate with their peers, and mark their transcripts accordingly -- ACADEMIC DISHONESTY. Once they're 16, they may choose to take the GED, go to MC, and transfer to a 4-year college later.

Posted by: My2cents20 | February 4, 2010 2:19 PM | Report abuse

The Churchill Grade Changing Scandal raises more questions: What else are schools failing to backup? What else has been compromised? Edline? Attendance? Excused Absences? Unexcused Absences? Tardies? Loss of Credit? Teacher Passwords? Student Passwords? Administration Passwords? Server Passwords? Personnel Files? Student Files? TEST Scores? Payroll? Budgets? Inventories? What other school site computer systems have been hacked? Who else is hacking school site computer systems besides students? How sophisticated are schools in detecting intrusions into its computer systems, not only by students, but by employees, as well as outside hackers.

The Churchill Grade Change Scandal raises RED FLAGS!!!!!!!
MCPS can NOT categorically state that its district wide computer systems are secure right now. MCPS can NOT rule out that its district wide computer systems are being hacked right now. Churchill is just the tip of the ice berg. Where are you BoE? Where are you County Council?

If it is true that Churchill did not backup grades and that teachers do not have hard copies (grade books) of grades, then Churchill and MCPS cannot prove grades have been changed. Furthermore, if the suspected students do not admit to stealing passwords, tapering with computers, and changing grades, then these students cannot be accused of violating any MCPS policy or regulation and these students cannot be charged with any crime. Fortunately for Churchill and MCPS, the suspected students are talking. If all of the suspected students had kept quiet and did not admit to anything, then Churchill and MCPS would be powerless to take disciplinary action against these students. Also, if paper records and computer backups do not exist, then any and every Churchill High School student could claim that their classwork assignments, homework assignments, summative assessments, formal assessments, quarter grades, and semester grades were changed. Finally, if other high schools and middles schools use the computer grade record system without backup, and without teacher paper records, then MCPS has wide exposure to abuse and fraud and loss of credibility of its grading system.

$2,000,000,000 MCPS got beat by a $20 USB drive and a pimple faced teenage video gamer

Posted by: motherseton | February 4, 2010 5:15 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company