Ask a Question
Browse answered questions from other USD community members below, or ask your own question. ITS will confer with the appropriate IT expert, and find an answer. It's completely anonymous, and ITS may even add your question to this page to help other users.
Have a burning security question you have been dying to ask?
Answered Questions
Believe it or not, most security experts don't recommend changing your password unless...
- ...your password is insecure (e.g. less than 12-15 characters, easily guessed, etc)
- ...your password has been or may have been compromised
- ...an account or organization you associate with has been compromised
- ...one of your other accounts has been compromised and this account shares a password
- Generally, the more frequently you change your password, the harder it is to remember, and the greater the likelihood that you will write the password on a sticky note or pad of paper.
- Instead, security experts recommend setting a long, secure passphrase or sentence, and changing it infrequently.
- If your webcam is truly turned off, then it cannot be accessed by anybody. However, since software is used to turn your camera off and on, it can be difficult to tell if your webcam is legitimately deactivated. Additionally, if you thoroughly deactivate your webcam, it cannot be easily turned back on.
- Instead, you can invest in a small webcam cover (or, even cheaper, throw a sticker over the camera!) if your camera doesn't come with one. Most modern webcams have webcam covers. Pair this with safe web browsing habits, checking your browser for malicious plug-ins, and watching for the LED light on your webcam can be a less intrusive way to protect yourself against webcam spying.
Yes! 2-Factor Authentication is an amazing, extremely effective resource to reduce the risk of a compromised account!
2-factor authentication (2FA) and multi-factor authentication (MFA) require an additional step before you are able to log into your accounts - usually a phone. Logging into an account requires not only the password, but validation that you have the device, often via phone call, text message, or push notification.
The beauty of this system is that if your password gets stolen, and someone tries to access your account, they would need to have access to your phone as well. Additionally, when they try to log in with a stolen password, you'll receive an alert on your phone.
Because of 2-factor authentication's proven security improvements, ITS has implemented 2-factor authentication via Duo for the Saviynt and Aruba VPN systems on campus.