Before You Login: Use a Secure Password

Before You Login Before You Login

Using a strong password to log in to your device or your online account is your first line of defense to protect your data. In this article, we're sharing tips for developing and managing strong passwords for your accounts, and why adding multi-factor authentication (MFA) to your account is so important for protecting your information.

Before creating a new password, do the following:
  • Use long passwords. Your password should consist of a minimum of eight characters or more, and should be difficult to guess. Passwords should not consist of personal information, like your name or your birthday. Examples of a bad password are: Sebastian01 or Canes1.
  • Be sure to use special characters and numbers. Adding numbers and special characters to your password exponentially increases the difficulty of guessing your password. For example, you can use @ to replace the letter "A," and an exclamation point (!) can replace the letters "I" or "L."
  • Do not save your passwords to your web browser. Web browsers, such as Google Chrome and Safari, utilize built-in password managers. However, these web browser accounts are at the highest risk of being susceptible to security breaches while your computer is unmonitored—leaving your passwords vulnerable.
  • Incorporate multi-factor authentication (MFA) when possible. When configuring an account, such as an online bank or email account, you should always use strong and complex passwords and enable MFA when possible. MFA protects your account by acting as a second line of security defense. The University's MFA, Duo, protects you by requiring you to have a secondary outlet to authenticate your identity when accessing your CaneID account and other UM systems. This means you must have a mobile device, landline, token, or tablet tied to the account to respond to the prompt.

Have questions? We're here to help!

If you have questions about cybersecurity, or if you want to learn more about how to stay safe online, contact the Information Security Office (ISO) at: