This morning many of our customers received an automated message from our Mail Servers informing them that their password is considered “weak” and what needs to be changed to meet minimum password requirements.

We would like to sincerely apologize for having received this email with no prior explanation.

The short of it is that there is no need to panic. Nothing is going to happen if you ignore the automated email or do not immediately change your password. Although it is strongly recommended to always use unique and secure passwords, existing email accounts are currently exempted from the minimum password strength that is required for new accounts. A known issue in the software we utilize for Mail Services caused an automated email message to go out this weekend to existing accounts that did not meet those minimum password criteria which are required by new accounts. We have notified our software vendor and they are working on a fix to resolve the problem so that these automated notifications are not sent in the future for those accounts that are exempted.

If you received an automated notification we do recommend that you consider taking the time to update your password to a more secure one. You can do so from your web-based mail at https://smartermail.scarabmedia.com. You can change your new password by going to SETTINGS and entering your new desired password in the “New Password” and “Confirm Password” fields followed by pressing the [SAVE] button (Step-by-Step instructions with screenshots can be found in our Knowledge Base). Domain Administrators can change the accounts for all users on their domain by going to SETTINGS > DOMAIN SETTINGS > USERS.)

Passwords for new accounts must meet the following minimum criteria:

• 8 or more characters in length (12 or more are recommended)
• Mixed Case (UPPER and lower case letters)
• At least one number
• At least one symbol (i.e. ` ~ ! @ # $ % ^ & * ( ) – _ = + [ { } ] \ | < , . > / ? ; : ‘ “)
• Must not contain your User Name

Please note that if you are using an email client (such as Outlook, Thunderbird, Apple Mail, or a tablet or smartphone) to retrieve your mail, you will have to update your email password there as well after changing it in your web-based mail.

If coming up with a strong and unique password is difficult for you we recommend you consider using a password manager program or app. You can find out more on the top 5 rated password managers for computers at http://lifehacker.com/5529133/five-best-password-managers and the top 6 for mobile devices at http://www.tomsguide.com/us/pictures-story/662-6-best-mobile-password-managers.html.

It is often wrongfully believed by users that they do not have anything of importance in their email account worth the bother of using a strong password. We recommend the following article on The Value of a Hacked Email Account to explain why your email account is so highly valued a target to Brute-Force Hackers even if you do not consider your email account as containing anything of importance to you.