Home  |  Contact Us  |  FAQ

Portal  »  Security

Here at the Oregon Department of Justice, one of our top priorities is to keep information about your accounts private. We offer the highest level of security, using the latest encryption technology for online transactions, as well as virus protection and firewalls.


What We're Doing

Passwords:

This website requires passwords be changed every 365 days. This is to reduce the likelihood that your password is discovered by others. In addition, passwords:
  1. Must be 14 - 40 characters
  2. Use numbers and letters
  3. Have at least 1 alpha and 1 numeric character (e.g. 123456#z)
  4. Are case sensitive
  5. Cannot be same as your User ID
Once created, your passwords are encrypted and not viewable by anyone.

256-Bit Encryption:

Every time you use this website, the data transmitted to or from your computer is encrypted, including the Login process. Encryption is a technique that scrambles the information you send to us, and when we receive it, we unscramble it again. This prevents the data from being read by any unauthorized party while it is being sent over the Internet. The encryption process used is known as the Secure Socket Layer (SSL) Protocol.

SSL Certificate:

This website has been issued a digital certificate by thawte. This certificate ensures that information is kept private while in transit between our website and your browser. A certificate contains information that a specific web site is authentic, which ensures that no other site can assume the identity of the original site.

Cookies:

Cookies must be enabled on your browser in order to use this website. We do not store cookies on your computer's hard drive. But we do use a cookies stored in memory, called session cookies. These cookies allow the server and browser to communicate and maintain who you are.

Account Access:

Each time you log onto this website, you will be required to enter your User ID and Password. The first time you login, you will also be required to enter your Activation Code. This code will be sent to you when we approve your account registration.

Email:

Email is not a secure means of communication. We will not include personal information in our email communications. We will not solicit personal information via email.


What You Can Do

Passwords:

Do not share your passwords with anyone, including administrative assistants or secretaries. All passwords should be treated as sensitive and confidential information.

Here is our list of recommended don’ts:

  • Don't reveal a password over the phone to ANYONE
  • Don't reveal a password in an email message
  • Don't reveal a password to the boss
  • Don't talk about a password in front of others
  • Don't hint at the format of a password (e.g., "my family name")
  • Don't reveal a password on questionnaires or security forms
  • Don't share a password with family members
  • Don't reveal a password to co-workers while on vacation
Do not use the "Remember Password" feature of applications. Again, do not write passwords down and store them anywhere in your office. Do not store passwords in a file on ANY computer system (including mobile devices) without encryption.

Browser Encryption:

You should maintain the most current version of your browser, in order to have the strongest security possible. Additionally, this website may become inaccessible to your browser if it’s not kept up-to-date.

SSL Certificate:

Ensure the thawte certificate is issued to Oregon Department of Justice and the website on the certificate matches the website you are using.

Cookies:

Ensure session cookies are enabled on your browser. Log Off when you are done using this website. For additional security, close your browser when you are done using this website and don't access other websites simultaneously in multi-tabbed browsers.

Account Access:

Keep your User ID, Password, and Account Activation Code confidential.

Email:

We will not solicit personal information via email. If you receive a solicitation for personal information that claims to be from this website, you should consider it to be a fraudulent request. Email is not a secure means of communication. Do not include personal information in an email communication.

More Security Tips:

Internet Security Tips from the Federal Trade Commission