The Technology Services Identity, Privacy & Cybersecurity team monitors accounts for behavior that may indicate the presence of attackers accessing a person's account. Whenever such behavior is observed, the password for the account is scrambled to prevent attackers from using the account for malicious purposes. There are a variety of factors that are considered in making this determination, most related to watching for behavior on the account that doesn't match behavior previously recorded.

Some behaviors can make your own legitimate logins look suspicious enough to be caught by this system. These primarily consist of:

• Sharing your password with someone else (friends, family members, etc.). This is a violation of the Campus Appropriate Use Policy.
• Intermittently using a third-party VPN. VPNs change where your internet traffic appears to be coming from, so if you are in one country and connect to a VPN from another country, your apparent location will suddenly change. If you need to use a third-party VPN, you should connect it before accessing any University resources, and make sure to leave it connected.

NOTE: third-party VPNs are not supported by Technology Services, and for most situations, a better solution would be to use the CISCO AnyConnect client VPN, which is available for free from the WebStore. See here for installation instructions: VPN, CISCO Secure Client or AnyConnect, Installation Instructions Splash Page. The compromised account system is programmed to recognize UIUC VPN logins and will not consider them suspicious.

• Using a out-of-country cell phone on roaming to log into University resources. If a cell phone is on a local WiFi network the internet traffic will appear normal, but if the phone is on roaming, many cell phone companies route internet traffic back to the home country of the cell phone, making it appear to be located there. You may not be able to reliably use this cell phone in this way without having your password scrambled.
• Connecting the UIUC VPN, and then connecting to an on-campus computer via Remote Desktop Protocol (RDP). When you RDP to an on-campus computer, it looks like a new login to your account from someone on-campus, which looks suspicious. In most cases, the UIUC VPN will allow your traveling computer to do anything that could be done on-campus, so unless you need specialized software from a campus-based computer, RDP should be unnecessary.

To regain access to your account you may do so with the Technology Services Password Manager, accessible at https://go.illinois.edu/password, or from the "Reset Your Password" button on the main Technology Services website. This requires you to have your account recovery options configured beforehand. If you are not able to do this, please contact the Technology Services Help Desk at consult@illinois.edu. If you are faculty or staff, it may be more convenient to contact your unit IT department for assistance.