INFORMATION TECHNOLOGY

Password Security and Multi-Factor Authentication (MFA)

Passwords are the keys to your digital identity—and often the first target of cybercriminals. Weak or reused passwords put sensitive data at risk, from academic records to patient health information. Multi-Factor Authentication (MFA) adds another layer of defense by requiring a second form of verification, making it much harder for attackers to gain access.

  • Students often reuse passwords across email, social media, and learning portals, making them prime targets.
  • Faculty risk losing access to research, publications, and grants if credentials are stolen.
  • Staff must protect administrative systems, HR data, and healthcare applications with strong credentials.

Password Best Practices

  • Use long, complex passwords that are unique for each account.
  • Never reuse passwords across multiple systems.
  • Consider using a password manager—a secure tool that generates, stores, and autofill strong passwords so you don’t have to remember them all.

Popular password managers:

  • 1Password
  • Bitwarden
  • Dashlane
  • Keeper
  • LastPass

These are for awareness only, not endorsement. Each offers free and paid plans; the right choice depends on personal needs and preferences.

Storing Passwords in Browsers – What to Know

Modern browsers (Chrome, Edge, Safari, Firefox) offer built-in password storage. While convenient, students, staff, and faculty should be aware of the pros and cons:

Advantages

  • Easy access with autofill.
  • Syncs across your devices when logged into your browser account.
  • Some browsers offer password health checks and breach notifications.

Risks

  • If your device is lost or compromised, saved passwords may be exposed.
  • If your Google/Microsoft/Apple account is breached, all synced passwords could be at risk.
  • Lacks advanced security features provided by dedicated password managers.

Safe Practices if You Use Browser Storage

  • Always lock your devices with strong passwords or biometrics.
  • Turn on MFA for your browser account (Google, Apple, or Microsoft).
  • Never save passwords on shared or public computers.
  • Regularly check for compromised or weak passwords in browser settings.

Multi-Factor Authentication (MFA)

MFA adds another layer of defense by requiring a second form of verification, making it harder for attackers to gain access. Even if a password is stolen, MFA significantly reduces the risk of unauthorized entry.

For the best user experience at our university, we recommend downloading the Microsoft Authenticator application to your mobile device. It allows secure sign-in through a two-step verification process, reducing the risk of account compromise.

Free methods for MFA verification

  • Microsoft Authenticator App
  • Phone Call

For the best user experience, we recommend downloading the Microsoft Authenticator application to your mobile device.

The Microsoft Authenticator application helps users sign in to their accounts by using a two-step verification process. Free methods for MFA verification:

  • Microsoft Authenticator App
  • Phone Call

The Authenticator application can be downloaded through the Play Store or the App Store to any mobile device.  We recommend following these Microsoft Authenticator Instructions to set up the application.  

How to Set Up Multifactor Authentication

Multifactor Authentication Instructions

 

Last Updated: 10/1/25