Your University account password (formerly Raven) provides access to University data, including confidential and valuable information. It is essential to keep it secret and keep it safe.
Your University account password protects your accounts and is used to grant you the appropriate access privileges to many University systems and storage. It's therefore very powerful: if someone manages to get your password and compromises your University account, they'll have access to everything you have access to.
Here are some tips on how to keep your password safe:
 |
Choose a strong password. |
 |
Don't share it with anyone else. |
|
Don't use it on any other website or system – for example, to password-protect office documents and spreadsheets at work, or on external sites such as your bank, Amazon or Netflix. |
|
Be discreet when typing in your password. |
|
Don't write your password – for example, on a Post-it note. |
|
Consider using a password manager. |
|
Secure your home devices with a password, PIN or biometric identifier (for example, thumbprint) if you use them for work. |
|
Don't give out your password over the phone or in an email (no University IT service desk or Computer Officer will ever ask you for your Raven password). |
|
Check if your password is on this list of Top 100k pwned passwords and if it is, change it and don't use it again. The National Cyber Security Centre (NCSC) recommend using password blacklists to help make good password choices and recommend this one in particular. |
|
Change your Raven password immediately if you think it's been cracked or your account compromised in some way and update any mobile devices that use your account details at the same time. It's best to stop your mobile device from using the old password while you change it on the Raven Password Management site because you might get locked out of your account if the device causes lots of invalid login attempts. |
|
Set up self-service password recovery, if you haven't already done so. |