3. Why is password security important?

Keeping your Oxford Single-Sign On (SSO) password secure is something on which IT Services places a great deal of importance. People sometimes query this with comments such as "it's just my email - it wouldn't matter if someone else did get in to read it."

In fact the consequences of someone else knowing your SSO password could be very much more serious. Here's just a few examples of what they could do:

  • read all your old emails, especially copies of messages you've sent - you may be inadvertently storing confidential information such as credit-card details in these.
  • send emails from your account to another person or to a mailing list and cause you widespread embarrassment.
  • modify personal web pages you may have on the University web site.
  • change the passwords on your other accounts such as Remote Access.
  • obtain VPN access to the University network and from there:
    • make use of restricted University resources
    • access illegal software/movie/pornography internet download sites
    • launch attacks on University systems from inside the University firewall
    • send large amounts of junk mail
  • email a "forgotten password" request, e.g. to Amazon, and then order goods in your name to be delivered to some other address.
  • access any Weblearn resources that you may own or administer.
  • make you appear to be responsible for any of the above misdemeanours and consequently subject to investigation by the University authorities.

Revealing your password to anyone else (even IT Services Staff) is against University IT regulations - you risk having your IT facilities removed.

Remember: treat your password like your toothbrush - never share it, and change it frequently. If you believe that someone else may know your password then change it immediately.

Up: Contents Previous: 2. What is password security? Next: 4. Why can't I tell anyone my password?