Tag Archives: password

U-M requiring password reset for all UMICH (Level-1) accounts

The University of Michigan has mandated that passwords for all UMICH (Level-1) accounts be changed by the end of Sept. 12. An email informing faculty, staff and students across the Ann Arbor, Dearborn and Flint campuses, as well as Michigan Medicine, was sent from Ravi Pendse, vice president for information technology, and Sol Bermann, chief information security officer.… Read More »

Password tip: Use a unique password for every site and service

Here is an important password tip: Do not reuse your UMICH (Level-1) password. Try to set a unique password for each site and online service you use (or use a password manager), and never use your UMICH password for non-university accounts or services. Reusing passwords puts you at risk. There have been a number of data breaches outside… Read More »

New UMICH password strength requirements

Next time you change or reset your UMICH (Level-1) password, you will need to meet new password strength requirements. Existing passwords are not affected by the new requirements and can remain as is. The new requirements align with current best practices and National Institute of Standards and Technology (NIST) guidelines for passwords. Given the sophistication of attempted attacks… Read More »

Michigan Medicine offers a free password manager for its employees

Michigan Medicine employees and students are required to use passwords to access various applications and business systems in their daily work. Because it can be difficult to keep track of multiple passwords, some people choose a simple password they can remember (e.g., their date of birth, a pet’s name, or another easily discovered piece of personal information), keep… Read More »

Update: Chegg password incident resolved

The public release of credentials (email addresses and associated passwords) related to the 2018 Chegg breach unfortunately affected the U-M community. Thank you to those of you who assisted students and others whose UMICH passwords were reset in late September as a result of reuse at U-M of passwords exposed in a data breach at Chegg, a commercial… Read More »

New prompt starting to collect UMICH account recovery info

If you ever forget your UMICH (Level-1) password, you can efficiently recover your account access as long as you have already completed some simple, advance setup. ITS has long offered a self-service account recovery option, but many users were unaware of the advance setup requirement until it was too late. To address this gap, ITS is adding a… Read More »

EIAM Program improves experience for tens of thousands

The Enterprise Identity and Access Management (EIAM) program began 18 months ago to improve how people obtain and use accounts to access U-M services. The program came to an official close this summer. The program’s ambitious scope included the entire U-M community—Ann Arbor, Dearborn, Flint, and Michigan Medicine. The team sought to reduce today’s pain points and to plan for improvements into the future.

Users to be prompted for UMICH account recovery info

Resetting a forgotten UMICH (Level-1) password can be easy—but only if you’ve set up account recovery information ahead of time. When you save your account recovery information—a non-university email account and/or your mobile phone—we then know where to send your password-reset code in case you ever forget your password. To make this process easier, ITS will begin gradually… Read More »

If you forget your UMICH password, remember your phone!

A new option for securely and conveniently resetting a forgotten UMICH (Level-1) password is now available. In the past, if you forgot your UMICH password, you had to request a password reset code be sent to a non-UMICH email account. Now you may send the password reset code to your phone as a text message. (Standard text message… Read More »

Tips for secure passwords

In honor of World Password Day on May 3, School of Information assistant professor Florian Schaub shared these online security tips: Use a password manager Use unique passwords Use two-factor authentication (like Duo!) Whether it’s World Password Day or not, it’s a good idea to update online privacy settings. Watch the video below to learn how. For additional… Read More »

Units to test prompts to set account recovery info

If you forget your UMICH (Level-1) password and want to reset it yourself, you can do so only if you previously saved account recovery information at UMICH Account Management. That’s because the university needs to know where to send you a password-reset code. Most new students and employees now provide account recovery information as part of self-serve uniqname setup, but many of… Read More »

Option to get password reset codes by text coming soon

Later this spring, a new option for account recovery will be added to UMICH Account Management. Currently, if you forget your UMICH (Level-1) password, you can receive a password reset code by email (as long as you have provided a non-UMICH email address for that purpose). Information and Technology Services (ITS) is working to give you the option… Read More »

Reset forgotten UMICH passwords without security questions

Beginning February 24, you will be able to reset your UMICH (Level-1) password yourself without having to remember answers to your security questions. Before you can reset your UMICH password online at UMICH Account Management, your identity must be verified. For several years that has been done through the use of pre-set security questions and answers along with… Read More »

Flint completes first phase of password sync project

By | February 15, 2018

After over a year in development and testing in collaboration with the UM-Ann Arbor ITS Identity and Access Management team, UM-Flint ITS completed a project designed to synchronize employees’ UMICH passwords to their Flint LAN accounts. This project has reduced the number of passwords UM-Flint employees need to remember and increased the time between password changes to one… Read More »

Units can deploy Passwordstate under U-M license

You can deploy Passwordstate in your unit under a U-M license that covers use by U-M faculty, staff, and students on all U-M campuses. Passwordstate allows teams of people to access and share sensitive password resources and is typically used for managing elevated and administrative passwords, as well as passwords for smaller proprietary systems, such as research databases.… Read More »

Look before you log in

By | August 14, 2017

Many people at U-M receive phishing emails with links to fake Weblogin pages that look exactly like the real one. When people log in to the fake page, their password is stolen, and their U-M account is compromised. The only clue it’s a fraudulent login page is the URL. Before entering your UMICH (Level 1) password, check that… Read More »