Here is an important password tip: Do not reuse your UMICH (Level-1) password. Try to set a unique password for each site and online service you use (or use a password manager), and never use your UMICH password for non-university accounts or services.
Reusing passwords puts you at risk. There have been a number of data breaches outside U-M where reused UMICH passwords were exposed (such as breaches at LinkedIn and Chegg). When people use their U-M email address as their login ID on a third-party site that is breached, it makes it easier for attackers to connect a reused password to a U-M account. See, for example, this ITS Information Assurance advisory from July 2020: No U-M “data breach”—U-M user info used on 3rd party sites exposed.
If each of your accounts has a unique password, and there is a data breach at one site, the other accounts are still safe.
- Using unique passwords helps you protect your personal, private data and all your online accounts.
- Using two-factor authentication for your personal accounts whenever it is available provides more protection. U-M implemented Duo to provide an additional layer of security for all faculty, staff, and student accounts.
If managing multiple unique passwords is a challenge, consider using a password manager, software that generates and keeps track of passwords for you. See Safe Computing: Manage Your Passwords for more tips on creating and remembering strong passwords.
If you have used your UMICH password anywhere outside the university, change that password today!
