print friendly version

How to...

Staying safe online


This new portal links to both existing and new information on many relevant topics.


Passwords

There are a few important rules when it comes to choosing and changing your passwords.

DO

  • change your password often
  • use different passwords for different services
  • use a strong password

DON'T

  • write it down
  • ever tell anyone else what it is
  • use your IT Services password for any other service
  • email it anywhere
  • use a real word

What is meant by the “strength” of a password?

A Strong password should never be a word found in a dictionary and should contain letters, numbers and symbols. Guidance on permitted passwords at Sussex can be found in Online Help Desk FAQ 839.

To test the strength of your current (or an intended) password, enter it in the box below. The strength (or lack of it) will be indicated below:

If you find strong passwords difficult to remember, you could always make it up from the first letters of a phrase, for example TBONTBTITQ (To Be Or Not To Be That is The Question) and then substitute numbers and symbols for the letters, e.g. zero for O, one for l or i, 4 for H, + for T, ( for C and so on.

Further information:

top of page


Facebook security

When using Facebook there is a risk that you may be vulnerable to identity fraud (true for all online activity involving personal information). The most important rule therefore is to think twice before making a piece of personal information available.

When setting up a new account the default Facebook setting makes your full profile available to all friends and more importantly to all members of any networks you may join, such as the University of Sussex network (approximately 10,000 people) or the Brighton and Hove network (approximately 150,000 people).

It is strongly recommended that you change the privacy settings to allow full profile information only to people you have specifically added as friends or accepted friend-requests from:

  • From the Settings menu select Privacy settings
  • Click on Profile and under Basic change all settings to Only Friends (for additional security, under Contact information you should consider changing all settings to No one)
  • Click on Save Changes

Further information:

top of page


Protecting your computer from viruses

Computer viruses and spyware (“malware”) are programs intended to be installed onto a computer without the owner's knowledge. These programs run secretly, often damaging data and sometimes collecting information about the user and sending it to third parties. Most malware can reproduce and spread to other computers, usually via the internet.

The best way to protect your computer against malware is install anti-virus and anti-spyware software which is kept up to date (with fresh information about new threats downloaded to it on a regular basis). The University of Sussex recommends Microsoft Security Essentials which is free to users with a valid copy of Windows.

Further information:

top of page


Phishing and scams

Phishing is the name given to the practice of sending emails at random purporting to come from a genuine company or organisation operating on the Internet.

The emails attempt to trick the recipient into entering confidential information, such as credit card or bank details. The links contained within the message are false, and often re-direct the user to a fake web site.

On more than one occasion, IT Services has detected emails sent to Sussex staff and students asking them to confirm their username and password. These emails are fraudulent - IT Services didn‘t send them and would never ask you for your password, for any purpose.

Remember, your password is your secret and IT Services don‘t have a record of it. Our terms of use forbid you to share your password with anyone, including IT Services staff,. who would never ask you for your password over the phone, by email, or by any other means.

Protect yourself:

  1. If you think you may have responded to a phishing email, change your password immediately
  2. Never tell ANYONE your password
  3. Don‘t use the same password everywhere. In particular, be very careful with your University password, and with passwords that you use for financial and email systems.

Further information:

top of page


Spam

Almost everyone who uses email will be familiar and frustrated with the endless avalanche of unsolicited emails pushing cheap prescription drugs, asking for money, offering chances to partake in get-rich-quick schemes and selling financial products. All this clogs up your inbox and is collectively known as spam.

IT Services currently have several mechanisms to reduce the amount of spam on the campus mail system, with some success - the servers reject something in the order of one million spam emails coming to Sussex addresses every day.

In the meantime the best approach to spam in almost every case is to delete it immediately. It is usually clear from the Subject line that a message is junk, so you do not even need to open the message to read it. Some such messages invite you to reply if you want to be removed from their list. DO NOT DO THIS! If you reply you are confirming that your address is valid and that you are reading email, and your reply may then attract more unwanted messages. The basic rule of thumb is Ignore, Delete and Forget.

Further information:

top of page


Information Security

Link to Sussex's Information Security web site.

top of page


created on 2010-08-24 by David Guest
last updated on 2014-05-20 by Gillian Powell