Protect yourself from identity theft.
Operating System: All
Applies To: UB students, faculty, staff, alumni, retirees
Last Updated: January 18, 2018
If someone has your password, they can:
- Find personal information
- Access MyUB, HUB Student Center or other services
- Log into your UBmail account
- Access confidential UB information on the university's
- Gain information about your registered computers at UB and
register their own on your UB account
There are several different ways someone can acquire your
- Cracking: Password cracking programs are designed to
guess the most common passwords first. Most programs can make
over one million crack attempts per second.
- Malware: Password stealers and keyloggers are often
packaged with viruses and spyware.
- Phishing: UB will never ask you to confirm your password
through email, so don't click on links in an email asking you to do
so. If you suspect or are unsure if you have received a
phishing attempt email, please contact the UBIT Help Center before
clicking on any links with the email.
- Social Networking: Never give away your password to
anyone, even someone claiming to work for the UBIT Help Center or
other UB department.
The next generation in secure passwords is a passphrase. A
passphrase uses a short phrase instead of a single word, making it
more difficult for someone else to guess or use. It should be
virtually impossible for others to guess, and not contain or be
based on personal information.
There are many ways people try to make their passwords easier to
remember. Password cracking programs look for the most common
Passwords should NOT:
- Contain your UBITName
- Be the same as other passwords you are currently using
(including non-UB services)
- Be a single word, forward or backward, from an English or
- Contain more than three sequential characters on a keyboard
(ex: qwerty or 1234)
- Contain more than two consecutive repeating characters (ex:
- Be all numbers such as birth or anniversary dates (ex:
- Be shared with anyone for any reason
There are three simple ways:
- Create a password by taking a short phrase and:
- Change the capitalization of some of the letters
- Replace some of the letters with numerical and symbolic
substitutions (ex: $ for S, 3 for E)
- Misspell or abbreviate some words (ex: "go fight win ub bulls"
- Choose several shorter words and add some numbers in the
center, than change the captialization and substitute symbols for
letters (ex: "book 1159 Hamlet" becomes "b0()k1159H^ml3+").
- Choose a memorable quote or phrase and use only the first
letter from each word (ex: "We will show the world what it means to
be the University at Buffalo" becomes "WW$+ww!m+8tU^B").