Why is it important to secure my account and computer?

Contents:

  1. Why is it important to have a secure password?
  2. What if the material on my account is not confidential?
  3. Why do my passwords expire?
  4. What if I have to write down my password?
  5. What can I do to make my computer safer?

Request security assistance

Overview:

Having an insecure password, clicking on an unknown email attachment or not installing updates could make it possible for someone to:

  • Read all your email or instant messages
  • View your grades
  • Change your course schedule
  • Read or change anything on your computer
  • Read or change anything accessed from your computer
  • Turn on your computer’s microphone and listen in on conversations
  • Use your computer for cyber crime (for which you may be blamed)

University of Idaho computers are scanned constantly from around the world by people looking for computers whose operators have made these mistakes.

The University of Idaho network is scanned approximately 450,000 times a day by individuals outside of the university network. This averages to be about 50-60 scans on every computer on the network every day. This amount of scanning is comparable to a burglar checking your door 50-60 times a day trying to break-in. The security of your account and computer is largely dependent on how your co-workers and fellow students use their computer and accounts.

Why is it important to have a secure password?

The University of Idaho relies on highly secure computing systems for everyday work. This includes sending and receiving email, registering for classes, paying for classes online, sharing documents and files with co-workers and many more critical activities. Having a secure password not only allows you to be safe when computing at the UI but also keeps your account from being used for illegal activities without your knowledge.

What if the material on my account is not confidential?

You may not consider your email, class registration or work activities confidential. However, many security breaches can involve deletion or corruption of data, mass email containing potentially questionable material) sent from the account and the attempted use of the account for illegal break-ins on other systems or accounts. When a single account is compromised on a system, it increases the potential to have all accounts on the system compromised. Since you are responsible for your account and password you may be considered responsible for illegal break-in attempts to other accounts.

Why do my passwords expire?

To ensure the security of mission critical services at the university we have implemented password expiration. Before expiration, emails are sent out at least one week in advance as a warning. When a password expires, you are notified during login to obtain a new password. This was primarily done to make password “cracking,” or guessing, more difficult, but it was also done to comply with independent state auditors on their recommendation to expire passwords.

What if I have to write down my password?

It might seem like writing down a password, due to the complex security rules and password expiration, defeats the purpose of the security measures. This is a “post-it note” myth. It is better to have a secure password that may be a little more difficult to remember than an easy to guess password. Almost 100% of break-in attempts are executed through the computer network and not by physical access to a computer in a locked room.

What can I do to make my computer safer?

  • Use secure passwords for all of your accounts.
  • Install Antivirus software and keep it up to date. Visit our AntiVirus software page to learn more.
  • Install personal firewall software. Personal firewall software stops attempts from outside computers to connect to services on your machine (that you may not know you are running). Windows has a built in firewall that we recommend you enable. Contact your TSP or SysAd if you're an employee, or the Student Technology Center if you're a student.
  • Do not click on unknown email attachments
  • Keep your operating system up-to-date. Visit your vendor’s update sites often to check for security patches or allow applications to check for updates.

Details

Article ID: 203
Created
Wed 12/13/17 3:07 PM
Modified
Wed 6/14/23 2:43 PM

Related Articles (13)

Email Phishing FAQ
Answers to frequently asked questions about email phishing.
How do I change my account password?
Learn how to set the password on your account. To follow these directions you need to know your username, password and setup your security profile.
How do I manage records?
This article describes how to manage and dispose of records, as well as the security implications of the included processes.
How do I reset my forgotten account password?
Affiliates can reset their password if they have a Security Profile with 3 questions and 1 personal email address set up. If you do not have a security profile and have forgotten your password, please contact OIT.
How do I set up my security profile?
Setting up a security profile with a minimum of 3 questions and 1 contact enables the reset of a forgotton or compromised password.
Security Software
A list of the software provided through ITS Security, with links for downloads.
Spam email
What to do about spam. Some people and business indiscriminately send large amounts of unsolicited commercial email (UCE). In recent years, spam content has expanded to include offensive advertising, malicious content and computer viruses.
What is phishing?
Information about and helpful tips on identifying phishing emails.
Whole Disk Encryption FAQ
Answers to frequently asked questions about Whole Disk Encryption.
Why do I have to format and re-image my computer after it is infected with a virus?
Malware removal is not an effective way to ensure an infected computer is clean. The best way to approach malware infections is to format and re-image the computer.

Related Services / Offerings (2)

File Recovery
How to recover a file or email message?
Technology Security Incident Report
Report an information security incident.