Make it a Passphrase
Instead of using a single word as your password, use a phrase or a series of words, the longer the better. Unlike passwords that are relatively easy to guess or crack, passphrases of at least 14 characters are next to impossible to crack and they are easier to remember than you think.
More Than Just Letters
Add symbols, numbers and spaces to your password for additional security. Instead of Themoreyouknow you could use: Th3M0r3UKn0w and you've just added additional security to your account.
APU Passwords must be at least 8 characters in length, they can be as long as 32 characters and must contain 3 of the 4 types of characters (upper case, lower case, numbers, and symbols).
No Reusing Passwords
Use a unique passphrase for each account. Passphrase reuse can lead to multiple account breaches. Too many accounts to remember all those passphrases? Check out a password manager, like LastPass.
Avoid Writing Down Passphrases
Avoid writing down passphrases and never store in places others can see (for example, banking login credentials on a post-it note). If you store passphrases on your mobile devices, make sure to keep your devices locked when not in use to prevent unauthorized access. And check out a password manager, like LastPass.
Forget What You Learned in Kindergarten - No Sharing Passwords
Do not send your passphrase via email, text message, etc. If there is ever a need to share a passphrase, relay it vocally. And consider changing it as soon as possible after you've shared it.
Change Your Passwords at Least Once Every Year
The longer your password remains the same, the greater the likelihood that a hacker will crack it and break into your account. Hackers use malicious programs to try thousands of passwords against your account until they find a match. At APU you are required to change your password every 365 days. You should always change your password if you believe someone has learned it.
Don’t Fall for Phish
Even the strongest passphrase must be kept a secret to remain effective. Please remember that no legitimate entity will send you an email requesting that you provide your username, password, or other personal information. If you receive such an email (also known as “phish”) at your APU account, please forward it to firstname.lastname@example.org
If Your Account Gets Compromised
If you suspect that your APU NetID account has been compromised, change your password immediately. Once you have changed your password, notify the IMT Support Center at 626-815-5050 or support.apu.edu
Tip: The website haveibeenpwned.com allows you to input your email address to determine if any accounts it is associated with have been involved in a public data breach.
The IMT Security Office is available for department meetings and classroom visits. Please contact email@example.com for more information or to schedule a session.