Your UCD account, just as with any online account, will be targeted from time to time by those who would seek to compromise the account and use it to steal information or send spam and spread malicious software or links to malicious websites. Please refer to the information below and ensure your UCD account is as secure as possible – don’t presume it won’t happen to you!
Ensure your password complies with the UCD Password Policy
See https://iltg.ucd.ie/2018/10/new-ucd-password-policy/ for more information.
NEVER share your password with ANYONE
Every user has their own account – if you find a need to share your password then there is some other access issue at hand and that is how the “problem” should be solved.
NEVER re-use your password
You must be use a separate password for every login, UCD or otherwise. This is a common mistake where people re-use a password on second site, such as LinkedIn or Facebook. Occasionally the second site where you have used your password will suffer a data breach and the passwords will be stolen. This password will then be automatically “checked” against accounts on all kinds of services and eventually it will result in a successful but unauthorised login to your first account which shared the same password, irrespective of the strength of the password.
Change your password frequently
Much like the last point, if you haven’t changed your password in a long time, the chances are that the “quality” of it is from a time when standards were lower than they would be for a newer password. Also, if you have re-used the password previously, it could take years before the stolen password finally comes into wide enough circulation and is used to compromise another account. You should endeavour to change your passwords at least once every 12 months.
Don’t use obvious combinations of words and personal facts in passwords
Choosing a complex and memorable password takes some consideration but it is not impossible. This video from Sophos is 2 minutes long and has some excellent, practical tips for choosing strong, memorable passwords.
Don’t write your passwords down, store them in a file or in your web browser
It goes without saying but passwords should be kept secret, in every way possible. Should your computer ever become infected with malware, password files or passwords stored in web browsers, like Internet Explorer, Microsoft Edge, Firefox and Chrome are often one of the first things to be stolen. Keeping password files on shared drives does not keep them safe. If you’re logged into the shared drive, the malware has access to all of that information too.
Use more secure email options and turn off “Less Secure Apps”
This is a key point, particularly for your UCD Google Account. When you use Gmail in a web browser or on a phone or tablet (or any Google-made app to access your email) you’re using the best and most secure access method. If, however, you’re using an application like Microsoft Outlook, it is not able to connect in this more secure manner, so you will use the “less secure apps” option on your Google account – this allows less secure apps like Outlook to login to your account, but having this feature enabled means your account is vulnerable to attacks from this point of access and it is nothing more than the quality of your password which is keeping your account from being compromised.
Visit https://myaccount.google.com/lesssecureapps to check your own account options now. Unless you have an unavoidable reason to enable this setting, you should keep it disabled at all times.
If it is absolutely necessary for you to use Microsoft Outlook, there is another more secure option for syncing your email to Microsoft Outlook which allows you to keep the less secure apps option disabled. We are happy to advise on this method and help you switch, please Contact Us for assistance.