Browser does not support script.
Picking a good password is important, however in accordance with University Password Policy all passwords must be over 8 characters, contain a mixture of upper case, lower case
and symbols, must not be re-used, and should not be a word listed in a dictionary.
The recommendation from the Cyber Aware campaign is to use three random words. These can be any three words in any order, and numbers or special characters can still be used, for example 7blueElevat0rRis!ng33, but don't use words or phrases which are easy for other people to guess e.g. TheLionKing.
For more information visit our dedicated page on Password security
It is important to have a strong password, but it is even more imperative to set up multi-factor authentication. This method provides two layers of security measures so if a hacker can accurately guess your password, there is still an additional security measure in place to ensure that your account is not breached. We encourage all students to sign up to multi-factor authentication by following the process below:
If you think your account may have been compromised, you should reset your password straight away!
If you forget your password, you can reset it by following the process below:
Phishing attacks are some of the greatest cybersecurity threats as they are very easy to fall for. In a phishing attack, a hacker will pose as someone that the recipient may be familiar with to trick them into opening a malicious link, divulging important credentials, or opening software that infects the recipient’s system with a virus. The best way to be on the lookout for phishing scams is by avoiding emails from unfamiliar senders, look for grammatical errors or any inconsistencies in the email that looks suspicious, and hover over any link you receive to verify what the destination is.
If you receive an IT related email you are unsure of, contact Digital Services.
Just because you can click, doesn’t mean you should. Malicious links can do damage in several different ways, so be sure to inspect links and ensure they’re from trusted senders before clicking. If you are unsure of a link, don’t click on it.
Keep your devices up to date. Software patches can be issued when security flaws are discovered. You may find these notifications annoying, but you can consider them the lesser of two evils when weighing up rebooting your device versus putting yourself at risk for malware and other types of computer infection.
Security doesn’t end at your desktop. It’s important to get into the habit of securing your presence through your mobile device as well. Use strong passwords and biometric features, ensure you turn off your Bluetooth, don’t automatically connect to any public Wi-Fi, and download with caution.
There’s no excuse not to have a backup of important data. Remember, malicious threats and hackers don’t always want to steal your data, but sometimes the end-goal is to encrypt or erase it. Back it up to have an ultimate recovery tool.
The University uses identity protection tools to establish your typical IT usage to block unexpected behaviour. Types of activities that could be blocked include:
To add additional protection to your account, or to allow usage from locations/devices that would otherwise be blocked by the University policy, you should register for the University’s Multi-factor authentication system in at our My Security Info page. More information on Multi-factor authentication is available in the Multi-Factor Authentication User Guide.