Why Does My CJSM Account Keep Locking?

On a day to day basis you may find your CJSM account locked for no particular reason. Here we explain a bit more about what is happening and what you can do.

04 February 2016 Security  CJSM

CJSM - Article

CJSM is a secure Email system and it wants to remain secure by having the appropriate measures in place. On a day to day basis you may find your CJSM account locked for no particular reason. Here we explain a bit more about what is happening and what you can do.

CJSM Account Security

Firstly, we don't know a great deal about the security mechanisms that are operating for the CJSM accounts so we can only go on what we observe on a day to day basis but we have enough to be able to offer some advice to make things easier.

Secondly, what we have seen and know of CJSM account security isn't actually that onerous but to those new to CJSM it can seem to be over the top.  If you are coming from an environment where you have been allowed to keep the same password for years, suddenly needing to change your password regularly and take more responsibility for your own actions can come as a bit of a shock.

Why do CJSM accounts lock?

CJSM pro-actively monitors CJSM login attempts and usage and will lock an account.  Once locked the account can only be unlocked again by a CJSM administrator and if your account locks itself late in the evening when you need to send or receive an important Email you could be stuck until the next morning.

The follow explains why CJSM accounts lock and what you can do to avoid this happening.

It has not been logged into for a period of time

Depending on how CJSM is used for your organisation you may not actually need to log into your CJSM account to send/receive CJSM Email but that won't stop it locking - usually after 30 days although we have seen this repeat a few days later.

We regularly reset such accounts (making them active again) for you however with the move to Professional Court User Wi-Fi and the Digital Court System you will need to manage the account yourself so be sure to log into your CJSM account at least once a month.

The temporary password hasn't been changed

If you forget your CJSM password and request a temporary password, you have 30 days to set a new password otherwise the account will lock.

Once a temporary password has been issued, make sure you change it.

The active password hasn't been changed

You will be prompted to change your CJSM password every 90 days.  If you don't change your password the account will be locked.

Heed the prompts and update the password before it expires.

The password was entered incorrectly 3 times

However you use a CJSM account, a password is associated with it and if you need to provide that password (e.g. by logging into CJSM via the web) and do so incorrectly 3 times the account will be locked.

Of all the issues we see this is the most common and there are a few reasons why this happens:

1. The wrong password is being entered three times!  

If you are using CJSM via the web and are new to it, the need to enter passwords, not to be able to save them, for them to always be quite complex and to have to change them regularly adds up to lots of people getting the password wrong and then locking their accounts.

Managing lots of passwords is challenging for us all however by adopting a strategy you can ensure you avoid this.  So for example, do not wait for the 90-day reminder, change your CJSM password every 60 days and use a variation on your previous password.  For example, you may have a password of "Password25Putney!" and so on the next change it would become "Password26Putney!" and so on.

2. You have just changed your password but not updated Email applications that need it

If you have the mailbox version of CJSM - you can log into your CJSM mailbox via the web as well as having a separate CJSM account configured in your Email application - then getting the password change done correctly is vital.

When you change your CJSM password you must immediately update the password in all the Email applications (e.g. Outlook, Mac Mail etc.) that also access your CJSM account.  If it isn't done in time, these applications will check your CJSM using the old password and so the account will lock.

The best way to manage this process is to have the account settings for your Email applications on screen so you can see the box for typing the password.  Then you change your CJSM password and then you can update the password stored by the application.  This will ensure you don't get locked out of your account.

The mystery way

Whether this is true or not, despite people being very careful in managing their passwords we still see instances of accounts locking for no apparent reason.  

CJSM will, rightly, be operating other mechanisms to detect attempts to break into accounts and not all of these will be known or advertised so random locking is not entirely unexpected. We know that sometimes if CJSM is configured on mobile devices these can make many requests and this could trigger an account to lock.  Having several computers/devices accessing the same CJSM account simulatenously from different places could also cause the account to lock.

The only way to avoid this is to limit the number of computers/devices you access CJSM from and if you want avoid the problem completely only use web based access to CJSM.

Round-up

Having your CJSM account lock can be very frustrating - there is no easy way to unlock it yourself and little information is sometimes given on why it has locked.  Hopefully this explains a bit more about what is going on and what you can do to minimise the chances of being locked out of your account.

Tags  lock

Corrections or suggestions

Secure USB Flash Drive

Kingston DataTraveler Locker+ 16GB USB Flash Drive

Kingston DataTraveler Locker+ G2

Secure USB Hard Drive

Western Digital MyPassport 1TB USB Drive

Western Digital MyPassport 1TB

Security Cable

Kensington MicroSaver Cable Lock

kensington lock