Securing my Accounts and Data
This page contains a brief overview, with links provided to read more. For a more comprehensive and recommended list, please see:
On this page:
Passphrases
One of the weakest links in the security process is the use of passwords. However, people use passwords every day and rely on the security of those passwords to protect information and data that is extremely valuable, be it their financial portfolio, confidential health information, private e-mails, business correspondence or online banking data. The security of a user’s data is only as strong as the weakest link, and more often than not, that weak link is the poor choice users make when choosing a password.
Passphrases bring into balance the trade-off between hard to remember but much more secure passwords, and easy to remember but much less secure passwords. By extending the length, IU is able to reduce the complexity requirement, and offer passwords that can allow virually any character, word, or symbol.
To read more in-depth about why passphrases are a more effective solution and about why they're more secure, see the Information Security Office article:
To change your password or passphrase now, visit:
For more information, see:
E-mail safety
Perhaps the biggest misconception is that e-mail is a secure medium — not so. There is NO privacy with email. The best analogy is that sending an e-mail is like mailing a post card. Every one who touches the post card can read it if they like. Just so, every server that your e-mail gets routed through, and there are almost always six or more in the equation, can read (or store) your e-mail if they so desire. Is it legal? No. Is it moral? No. Can it happen? Yes.
The most reliable way to determine the authenticity of an e-mail message is to check the full headers, which will tell you where the message is really from and where it's been. For more information about this, read:
For more information, please see:
Sensitive Data
In the course of its academic mission and its day-to-day administration, Indiana University collects large amounts of personal data on its students, faculty, and staff. Much of this data is not sensitive, and is in fact publicly available (e.g., names and telephone numbers). However, some of it is sensitive, including personal, financial, and legal information. Sensitive data includes information protected by Indiana or federal law as well as that protected by university policy.
For more information, see:
Protecting against identity theft
Identity theft is when someone uses personal information about you in an attempt to impersonate you. Identity thieves often do this to make purchases, establish accounts in your name, and sometimes commit more serious crimes. Protecting yourself from identity theft takes proactive effort — you can't simply assume it's not going to happen to you.
For more information and resources, see:
