Security, Unauthorized use of accounts

Security information from Technology Services Privacy and Information Security team.

It is University policy to never share your account credentials with anyone, including Help Desk or Security staff. Misused accounts can be used to impersonate you or steal information that the University is required to keep safe.

Consider the following ways in which accounts can be stolen.


1. Has your account information, including passwords, been shared with anyone?

Often "hacked" accounts are cases of shared account information.

While it can be convenient to share your account information with another employee, this can lead to compromised accounts. Even with the best of intentions, shared account information could be lost or accidentally used by another person.

In order to protect yourself and the University, do not share your account information with others.

2. Have you used the password for your University account with any other websites or services?

Many people use the same username or variation (such as University email address) and same password for non-University services (e.g. Social networking sites like Facebook).

While many websites use good security practices to protect user passwords, not all do. Website breaches are common, and a password that is revealed from a website breach are fequently used on other websites as well.

The password for your University accounts should not be used for non-University services.

3. Have you entered your username/password on an untrusted computer?

If you have used your username and password on a computer that you are not in control of, it is possible that your username and password can be stolen through that system.

Be wary of using your account on computers you do not trust.

4. Have you clicked on any suspicious links in an email or elsewhere?

Phishing emails are a constant threat to campus. If you receive an email where you do not know or trust the sender, do not click any links in that email.

It is possible that a malicious link in an email can lead to a website that looks like a legitimate University website, but actually belongs to a malicious group or individual.


What should you do if you have a "hacked" email or stolen passwords?

Reset your password.

Contact the Tech Services Helpdesk.

Email: consult@illinois.edu
Phone: 217-244-7000
Location: 1211 Digital Computing Lab




Keywords:security, privacy, information, lost, stolen, password, hack, account, username, credentials   Doc ID:66698
Owner:Security S.Group:University of Illinois Technology Services
Created:2016-09-06 09:52 CSTUpdated:2020-04-14 12:47 CST
Sites:University of Illinois Technology Services
Feedback:  0   0