Password tip: Use a unique password for every site and service

FacebooktwitterredditlinkedinmailFacebooktwitterredditlinkedinmail0
A computer monitor with multiple instances of the word "password"
Gerd Altmann/Pixabay)

Here is an important password tip: Do not reuse your UMICH (Level-1) password. Try to set a unique password for each site and online service you use (or use a password manager), and never use your UMICH password for non-university accounts or services.

Reusing passwords puts you at risk. There have been a number of data breaches outside U-M where reused UMICH passwords were exposed (such as breaches at LinkedIn and Chegg). When people use their U-M email address as their login ID on a third-party site that is breached, it makes it easier for attackers to connect a reused password to a U-M account. See, for example, this ITS Information Assurance advisory from July 2020: No U-M “data breach”—U-M user info used on 3rd party sites exposed.

If each of your accounts has a unique password, and there is a data breach at one site, the other accounts are still safe.

  • Using unique passwords helps you protect your personal, private data and all your online accounts. 
  • Using two-factor authentication for your personal accounts whenever it is available provides more protection. U-M implemented Duo to provide an additional layer of security for all faculty, staff, and student accounts.

If managing multiple unique passwords is a challenge, consider using a password manager, software that generates and keeps track of passwords for you. See Safe Computing: Manage Your Passwords for more tips on creating and remembering strong passwords.

If you have used your UMICH password anywhere outside the university, change that password today!

Leave a Reply

Your email address will not be published. Required fields are marked *