Keep it secret!
- Don’t reveal your passwords to anyone else –
family, friends, co-workers or IT staff.
- Be aware of who’s watching when you’re entering
- Your passwords are used to uniquely identify
you, so anyone who’s able to use them can act as if they were you.
- Remember: You’re accountable for all activity
associated with your University account, including when someone else is using
Keep one step ahead!
- Change a password immediately if you suspect
that it has been revealed to or discovered by another person.
- Report any concerns about your University
password security to the IS Service Desk, so that they can take action if
necessary to protect your account.
- Make use of data breach notification services
which notify you when (not if!) your details appear in data breaches.
- If you’re unsure about the best way to protect
your passwords, ask the IS Service Desk for advice.
Keep it unique!
- Cyber criminals know that people often reuse
email addresses and passwords across multiple websites and online services.
- If a cyber criminal discovers your email address
and password for one particular service, they’ll try to login to other services
using those same account details.
- Always use unique passwords for your important accounts,
such as your University account, your personal email and online banking.
- Consider using a Password Manager to generate
and store unique passwords for all of your websites and online services.
Keep them guessing!
- Your password should be memorable, but hard for
someone else to guess – whether or not they know anything about you.
- Avoid using single dictionary words, predictable
sequences, patterns of keys on the keyboard or memorable names, dates or
- If you need to write a password down, make sure
that you don’t leave it in a place where someone else can find it.
- Pick a password which hasn’t previously appeared
in a data breach, by checking it with a service like Pwned Passwords.
Keep it modern!
- Over time, computers get faster at guessing
passwords – so the rules that define “good” passwords have to change over time
- From time to time, we’ll have to ask you to
update your passwords to keep them safe.
- Longer passwords are generally stronger
- Websites and online services are increasingly
making Multi-Factor Authentication (MFA) available to users – you should make
use of this wherever it’s available.