Loading
Print This Issue
Subscribe:
E-Almanac

One Step Ahead
PDF
February 23, 2010, Volume 56, No. 23

One Step Ahead

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.

Remember to Log Out of Penn WebLogin

Recently, the University implemented Penn WebLogin, a more secure and reliable central PennKey authentication process for restricting access to web services.  Unlike its predecessor, Penn WebLogin allows you to create a 10-hour session and connect to many PennKey-protected websites and services without logging in to each one separately. This capability is referred to as single sign-on (SSO).  While your session is in effect, you may be asked to verify your PennKey password to access certain web services. Password verification occurs when the service provider requires an additional layer of security.

When you have finished working with protected web service, it’s very important to terminate your WebLogin session to ensure that no one can access other services in your name, especially on a computer that others have access to (for example, in a University library or lab, or even at home). To terminate your session, use the logout button or link found on most PennKey-protected pages or bookmark the WebLogin logout page at https://weblogin.pennkey.upenn.edu/logout so it’s always handy.  

For extra security, always exit (Windows) or quit (Mac OS) your browser when you finish working. Exiting/quitting your browser also terminates your 10-hour WebLogin session. If you do not actively terminate your Penn WebLogin session, it will expire in 10 hours automatically.

Although the convenience of single sign-on provided by Penn WebLogin is helpful, it also makes logging out more critical in order to fully protect Penn’s data and an individual’s personal privacy.  For more information on Penn WebLogin, see www.upenn.edu/computing/weblogin/.

____________________________________

To receive OneStepAhead  tips via email, send email to listserv@lists.upenn.edu with the following text in the body of the message:  sub one-step-ahead <your name>.

For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/

Almanac - February 23, 2010, Volume 56, No. 23