Setting up and maintaining safe passwords is essential to online account security. Some simple tips you can use to create safe passwords are provided below. Your department may have other security policies that you must follow if they conflict with these password tips.
If your password is compromised, you jeopardize:
It is critical that you create strong passwords that you maintain appropriately. Remember, in computer security, passwords are always the weakest link!
If you are using the same password for your email, bank account, and computer, and one account is hacked, all other are at risk. Create at least three different passwords. For:
To keep track of your passwords, use one of our password strategies.
Passwords become vulnerable over time. To reduce the risk of your computer being compromised, we recommend that you change your passwords at least twice a year. If you suspect that your password has been stolen or compromised, change it immediately. Learn how to change your IT Account password in SPIRE.
By making your passwords available to others (even people you trust), you put your personal information at risk. Please do not share your passwords!
Never send passwords or other sensitive personal information via email even if the original message appears official. Learn more about phishing scams. Note: UMass Amherst IT will never ask for your IT Account password or other sensitive information via email.
Some applications will offer to save your passwords. Always choose 'No' when prompted to save a password online. We recommend that you create a reminder for your IT Account password and use our password tricks to create strong passwords that you can actually remember.
Storing passwords on post-it notes on your monitor is an open invitation to access your information. At UMass Amherst IT, we believe no location is safe enough for storing passwords. If you absolutely must write down your passwords: