Password Tips

Tips to create a strong password

We strongly encourage you to use different passwords for all of your sensitive information accounts.  For example, use a unique password for your email and online banking accounts.  Using different and unique passwords for each account helps to minimize the impact in the event that an someone gains access to one of your accounts.

Use a variety of numbers, symbols, upper and lower case letters in your password. Using a mixture of up to 12 characters to craft your password creates an extremely large number of potential combinations and makes your password much harder to guess.

While creating your password with a mixture of numbers, symbols, upper and lower cases, don't use personal information.  Pick a random sentence and use the first letter of each word, along with punctuation, as the password.  For example, "Fred And Wilma Like To Have Ham And Eggs For Dinner" would become "F&Wl2hh&e4d.".  Please don't use the example as your password.  Avoid simple passwords like "password1234" or "abcd1234", thieves know people use those passwords and try them first.  It makes their job easier to gain access to your accounts, by using common passwords.

If the website allows you to create your own security questions, try to create a question/answer that can't be answered by searching your Facebook or blogging websites.  If the website provides a list of questions for you to choose from, use a mixture of letters, numbers and symbols in your answer.  This will help protect your answer because the intruder won't know the special combo of characters you used to answer the question.

Another alternative to a conventional password is to use a sentence or phase as a password.  This is a simple way to create a long password that is easy to remember.  The use of sentence or phrase makes it more difficult for an attacker to steal your login information so they can gain access to your BGSU account.  In addition to your BGSU account, the BGSU Information Security Office recommends using this technique on your other personal accounts.

The number one thing not to do is write down your password and store it near your computer or in a location that is not locked.  Whether it be a post it note or a piece of paper taped to the bottom of your keyboard, avoid these common mistakes and secure your passwords.  If you store your passwords in a file on your laptop/computer, encryption software should be used to encrypt the file.  Password managers are also a good option to protect passwords (see more under Other Security Suggestions below).  The more difficult you make it to get your passwords, it increases your odds intruders will move on to an easier target.

Changing your BGSU Password

Log into MyBGSU and change your password by clicking on Help Desk in the top right and then Change BGSU Password in the lower left.  (see "Tips to create a strong password" above for suggestions on picking a good password)

Use Two Factor Authentication

Our office strongly encourages you to use Two Factor Authentication protection whenever possible/available.  The process requires you to enter your username and password, but after you submit them you are notified on your mobile phone via a text or phone call.  Once you approve the request, you are granted access to your account.  The multifactor authentication is the latest technology used to protect your account, because it includes something you know (password) and the approval notification on your mobile device.

Currently, the following critical services are protected by Two Factor Authentication:

  • MyBGSU Portal
  • VPN

In addition to the above services, BGSU users enable Two Factor Authentication for their BGSU email accounts.

For more information on Two Factor Authentication at BGSU, and instructions for enrolling in Two Factor for email, visit www.bgsu.edu/2factor.

Other Security Suggestions

The BGSU Information Security Team strongly recommends not using untrusted apps to access email on your mobile devices.  Some examples of these apps are listed below.  We do not recommend using these apps because their design allows them to capture your username and password.

  • My Mail
  • Spark
  • Newton

Instead of apps such as these the BGSU Information Security Team recommends that you use the Outlook app to access BGSU email.  Native mail apps on mobile devices are also safe to use if preferred. 

Password manager applications provide a safe way to store passwords.  The applications help the user organize and create strong passwords, encrypt the passwords, and access them from any device, and use Two Factor Authentication.  According to PC Magazine's article "The Best Free Password Managers of 2019", below are their top four FREE suggested password manager applications (in order by PC Magazine's editors' rating).

In addition to free password managers, there are a variety of other password managers available for purchase. According to PC Magazine's article, "The Best Password Managers for 2019", here are the top subscription-based password management applications (listed in order by PC Magazine's editors' rating).