Keeping your usernames and passwords secure is key to your privacy and your ability to access the resources you need not just at S&T, but all over the internet.
At S&T your username allows you access to so many resources, and it is important that S&T IT can verify that you are authorized to use a given resource. The computing resources listed below can be accessed by your SINGLE, campus-provided username, and password.
NOTE: Not every user will have access to all of the resources listed.
It is important to use passwords that are difficult to guess by someone trying to gain unauthorized access to your account. Many malicious actors use complex techniques to access your account.
Some of the techniques used by malicious actors include:
To help combat these techniques sites adopt guidelines on password strength. The guidelines are designed to make your password complex enough that the computer-assisted guessing techniques used by malicious actors will take so much effort that they will possibly give up.
A strong password when combined with Multi-Factor Authentication, makes traditional computer-assisted guessing techniques ineffective.
Here is a example of a strong password requirement; it is the one we use here at S&T.
Your password selection is not limited to what you have used on any one particular site. If the same password is used for multiple accounts - like your banking, social media, and commerce accounts - then exposure of the password at any one of these sites means exposure for all accounts that use it.
Because there are lists of passwords that have been acquired during past breakings, it is never a good idea to reuse a password or part of a password. This will definitely mean you could have lots of passwords to remember. It is a good idea to select a good password manager to help you protect against malicious actors.
A default password is a standard pre-configured password for a device that is usually provided when setting up a new device, such as a wireless router or streaming video receiver. Default passwords serve as a placeholder until the end-user customizes the device or service and sets a new password. Unfortunately, all too often the end-user is either not aware that a default password exists or they do not understand the risk.
Possible devices and services at risk for default password use include:
By allowing a default password to remain in place, it is easy for unauthorized access to occur.
Breaches are a fact of life and even strong passwords do not hold up against skilled attackers.
If you think someone has your password, immediately change your password, and report the incident to your site's customer support. If you think your S&T account has been compromised, change your password by going to password.umsystem.edu and then Report the Incident.