Password Tips

Tips to create a strong password

We strongly encourage you to use different passwords for all of your sensitive information accounts.  For example, use a unique password for your email and online banking accounts.  Using different and unique passwords for each account helps to minimize the impact in the event that an someone gains access to one of your accounts.

Use a variety of numbers, symbols, upper and lower case letters in your password.  By using a mixture of 8 characters to create your password, it creates over 30,000 possible combinations.  Overall, it makes your password that much harder to guess.

While creating your password with a mixture of numbers, symbols, upper and lower cases, don't use personal information.  Pick a random sentence and use the first letter of each word, along with punctuation, as the password.  For example, "Fred And Wilma Like To Have Ham And Eggs For Dinner" would become "F&Wl2hh&e4d.".  Please don't use the example as your password.  Avoid simple passwords like "password1234" or "abcd1234", thieves know people use those passwords and try them first.  It makes their job easier to gain access to your accounts, by using common passwords.

If the website allows you to create your own security questions, try to create a question/answer that can't be answered by searching your Facebook or blogging websites.  If the website provides a list of questions for you to choose from, use a mixture of letters, numbers and symbols in your answer.  This will help protect your answer because the intruder won't know the special combo of characters you used to answer the question.

Another alternative to a conventional password is to use a sentence or phase as a password.  This is a simple way to create a long password that is easy to remember.  The use of sentence or phrase makes it more difficult for an attacker to steal your login information so they can gain access to your BGSU account.  In addition to your BGSU account, the BGSU Information Security Office recommends using this technique on your other personal accounts.

The number one thing not to do is write down your password and store it near your computer or in a location that is not locked.  Whether it be a post it note or a piece of paper taped to the bottom of your keyboard, avoid these common mistakes and secure your passwords.  If you store your passwords in a file on your laptop/computer, encryption software should be used to encrypt the file.  Password managers are also a good option to protect passwords (see more under Other Security Suggestions below).  The more difficult you make it to get your passwords, it increases your odds intruders will move on to an easier target.

Changing your BGSU Password

Log into MyBGSU and change your password by clicking on Help Desk in the top right and then Change BGSU Password in the lower left.  (see "Tips to create a strong password" above for suggestions on picking a good password)

Use Two Step Authentication

We strongly encourage you to use two step authentication.  The process requires you to enter your username and password, but after you submit them you are notified on your mobile phone via a text or phone call.  Once you approve the request, you are granted access to your account.  The multifactor authentication is the latest technology used to protect your account, because it includes something you know (password) and the approval notification on your mobile device.

Currently, the following critical services are protected by Two Step Authentication:

  • Payroll Direct Deposit Self-Service
  • Student Account e-Refund Self-Service (BGSU Refund)
  • W2 Access
  • 1098-T Access

The BGSU Information Security Office recommends you access one of these services within the portal to go through the enrollment process and ensure the your account is properly configured to use Two Step Authentication.

Additionally, BGSU users have the ability to "opt in" to using Two Step Authentication each time they log in to the portal.  Here are instructions for this:

  1. Sign into MyBGSU with your BGSU username and password.
  2. Scroll down on the left side menu to Account Admin.
  3. Click on Two Step Authentication link.
  4. Click on "Yes, Opt-In" radio button to start protecting all of MyBGSU portal by Two Step Authentication.
  5. Click the Save button to save your changes.

 

Other Security Suggestions

The BGSU Information Security Team strongly recommends not using untrusted apps to access email on your mobile devices.  Some examples of these apps are listed below.  We do not recommend using these apps because their design allows them to capture your username and password.

  • My Mail
  • Spark
  • Newton

Instead of apps such as these the BGSU Information Security Team recommends that you use the Outlook app to access BGSU email.  Native mail apps on mobile devices are also safe to use if preferred. 

Password manager applications provide a safe way to store passwords.  The applications help the user organize and create strong passwords, encrypt the passwords, and access them from any device, and use two-factor authentication.  According to PC Magazine's article "The Best Password Managers of 2016", below are their top three suggested password manager applications (in no particular order).

       *denotes that a free version is offered