• Home
  • Login
  • Welcome to the Staff Intranet

​Protect passwords

Protect passwords image

Help to Protect Passwords by setting strong unique passwords and never sharing them, you can find out more about the University's password policy here:  University's Password Policy.  Information about the University's Self-Service Password Reset Service can be found on the Your Password and Desktop Settings page​

Practice good password hygiene

  • Cyber criminals know that people often reuse email addresses and passwords across multiple websites and online services.
  • If a cyber criminal discovers your email address and password for one particular service, they’ll try to login to other services using those same account details.
  • Always use unique passwords for your important accounts, such as email, social media and financial services.
  • Consider using a Password Manager to generate and store unique passwords for all of your websites and online services.

Passwords shouldn’t be guessable

  • Your password should be memorable, but hard for someone else to guess – whether or not they know anything about you.
  • Avoid using single dictionary words, predictable sequences, patterns of keys on the keyboard or memorable names, dates or locations.
  • If you need to write a password down, make sure that you don’t leave it in a place where someone else can find it.
  • Pick a password which hasn’t previously appeared in a data breach, by checking it with a service like Pwned Passwords​.

Passwords should be kept secret

  • Your passwords are used to uniquely identify you, so anyone who’s able to use them can act as if they were you.
  • Don’t reveal your passwords to anyone else – family, friends, co-workers or IT staff.
  • Be aware of who’s watching when you’re entering a password.
  • Consider using a Password Manager ​to generate and store unique passwords for all of your websites and online services.

Keep your passwords healthy

  • Over time, computers get faster at guessing passwords – so the rules that define “strong” passwords have to change over time too.
  • From time to time, we’ll have to ask you to update your passwords to keep them safe.
  • Longer passwords are generally stronger passwords.
  • Websites and online services are increasingly making Multi-Factor Authentication (MFA) ​available to users – you should make use of this wherever it’s available.  The University already uses MFA - find out more​

Take action if your passwords are compromised

  • Change a password immediately if you suspect that it has been revealed to or discovered by another person.
  • Report any concerns about your University password security to the IS Service Desk, so that they can take action if necessary, to protect your account.
  • Make use of data breach notification service like HIBP, which will notify you if your details appear in any exposed data breaches.

If you’re unsure about the best way to protect your passwords, ask the IS Service Desk ​for advice.