Why is it important to secure my account and computer?

Contents:

  1. Why is it important to have a secure password?
  2. What if the material on my account is not confidential?
  3. Why do my passwords expire?
  4. What if I have to write down my password?
  5. What can I do to make my computer safer?

Request security assistance

Overview:

Having an insecure password, clicking on an unknown email attachment or not installing updates could make it possible for someone to:

  • Read all your email or instant messages
  • View your grades
  • Change your course schedule
  • Read or change anything on your computer
  • Read or change anything accessed from your computer
  • Turn on your computer’s microphone and listen in on conversations
  • Use your computer for cyber crime (for which you may be blamed)

University of Idaho computers are scanned constantly from around the world by people looking for computers whose operators have made these mistakes.

The University of Idaho network is scanned approximately 450,000 times a day by individuals outside of the university network. This averages to be about 50-60 scans on every computer on the network every day. This amount of scanning is comparable to a burglar checking your door 50-60 times a day trying to break-in. The security of your account and computer is largely dependent on how your co-workers and fellow students use their computer and accounts.

Why is it important to have a secure password?

The University of Idaho relies on highly secure computing systems for everyday work. This includes sending and receiving email, registering for classes, paying for classes online, sharing documents and files with co-workers and many more critical activities. Having a secure password not only allows you to be safe when computing at the UI but also keeps your account from being used for illegal activities without your knowledge.

What if the material on my account is not confidential?

You may not consider your email, class registration or work activities confidential. However, many security breaches can involve deletion or corruption of data, mass email containing potentially questionable material) sent from the account and the attempted use of the account for illegal break-ins on other systems or accounts. When a single account is compromised on a system, it increases the potential to have all accounts on the system compromised. Since you are responsible for your account and password you may be considered responsible for illegal break-in attempts to other accounts.

Why do my passwords expire?

To ensure the security of mission critical services at the university we have implemented password expiration. Before expiration, emails are sent out at least one week in advance as a warning. When a password expires, you are notified during login to obtain a new password. This was primarily done to make password “cracking,” or guessing, more difficult, but it was also done to comply with independent state auditors on their recommendation to expire passwords.

What if I have to write down my password?

It might seem like writing down a password, due to the complex security rules and password expiration, defeats the purpose of the security measures. This is a “post-it note” myth. It is better to have a secure password that may be a little more difficult to remember than an easy to guess password. Almost 100% of break-in attempts are executed through the computer network and not by physical access to a computer in a locked room.

What can I do to make my computer safer?

  • Use secure passwords for all of your accounts.
  • Install Antivirus software and keep it up to date. Visit our AntiVirus software page to learn more.
  • Install personal firewall software. Personal firewall software stops attempts from outside computers to connect to services on your machine (that you may not know you are running). Windows has a built in firewall that we recommend you enable. Contact your TSP or SysAd if you're an employee, or the Student Technology Center if you're a student.
  • Do not click on unknown email attachments
  • Keep your operating system up-to-date. Visit your vendor’s update sites often to check for security patches or allow applications to check for updates.