Keep your University account safe and secure
Your University account gives you access to your email account, Google Apps, software and computers across the University.
Find out how to:
- set up or access your computer account
- change or recover your password
- set up Google 2-Step verification
Setup or access your computer account
To get your computer account username and temporary password, go to your Student Account to enter:
- Your Student ID Number
- Date of birth
You should have received your student reference number from your department or in your freshers pack.
You can also access your account from any Open Access Area PC – at login, there is a link below the username and password section called 'Students - New account/Forgotten Password' that will take you to your account.
If you're an existing student and have forgotten your computer account username and/or password, you can find your details in your Student Account.
If you continue to have problems with your account, contact IT support with your student ID number.
Change or Recover Your Password
When you first receive your computer account username and password, you must change the password as soon as possible as this password is only temporary.
You may also be asked to change your password for security purposes.
Only do change your password via the University's password portal, password.port.ac.uk. Select 'Change your password' or 'Forgotten your password'.
Choosing your password
Passwords are the first point of attack for anyone trying to steal your data. The University guidelines state a password should be made up of a mixture of:
- English uppercase characters (A–Z)
- English lowercase characters (a–z)
- Numbers (0–9)
- Non-alphanumeric characters (e.g. !, $, #)
Passwords should not be only a single dictionary or slang word and they shouldn't contain personal information such as names, pet names, maiden names, birthdays, car registration and similar personal data. Also do not reference hobbies such as football teams, actors, and band names.
The primary goal is to create and use ‘strong’ passwords – which are easy to remember and difficult to guess. There are 3 strategies recommended by the University:
Use a passphrase
- A passphrase is generally a longer version of a password and is typically composed of multiple words: The following is a suggested method for creating a strong Passphrase:
- Pick 3 short unrelated words: e.g. tree, witch, rock
- Capitalise the first letter of each word: Tree, Witch, Rock
- Separate each word using a punctuation symbol: Tree?Witch?Rock
Add a number: Tree?Witch?R0ck
Use word association
- Amazon – b00ks_&_DVD5 or B00K5//on=line
- PayPal – M@KE-payment5 or is=1T=5AFE?
Use a song or poem
- "Mary had a little lamb, its fleece was white as snow.
- This becomes: MHALLIFWWAS or mhall-IFWWA5
Keeping your password safe
Never share your password with anybody. No reputable service representative will ask you for your password. This kind of attack is known as phishing – someone will pretend to be from your bank or payroll office or Service Desk and ask for the password. This will never be required by a legitimate organisation.
All modern mobile devices allow you to protect your data with a secure pin or password. We encourage everyone to use this feature.
Use different passwords for different systems just as you would have different keys for different doors in your home. Some services offer a password hint. Should a password hint be available, do not use something obvious such as including the line used from a song or poem.
If you've been given administrator access to a system, only use this login when you are required to perform a task which requires your access privileges to be raised.
Further information can be found in the IS Security Advisory on Password Security.
Google 2-Step Verification
Google Apps allows access to files and work from almost any device in any location. But if someone else manages to steal, crack or guess your password then they can get to it too. This can be incredibly damaging, even for people who do not think they have much sensitive data, as the account could be used maliciously.
It is strongly recommended that you use Google 2-Step Verification. 2-step verification adds an additional layer of security to your account because your account is protected by your password and your phone.
Information Security Advisories
As technology develops, new risks and security issues also develop and policies and procedures must adapt quickly to meet the challenges. A central problem in this ‘arms race’ is communication. It can be hard to find the right information and find it quickly when you need it. University staff and students need to have easy access to clear and relevant security guidance. For security management, creating new information or updating existing procedures can be slow and bureaucratic. The University must be agile in creating and publishing security advice.
The IS Advisories are designed to be subject-focused documents, providing clear guidance in supporting the Information Security Policy and Acceptable Use Policy. All IS Advisories are approved by the IS Board and published on the eRecords system.
Advisories governing the identification of account users and protection of account access. This includes the physical access to buildings housing IT equipment.