Account Security and What to Do if Your Account is Compromised


This article contains information on preventing an account compromise as well as how to regain access once an account is compromised. 


Tips to Prevent an Account Compromise

Taking steps to prevent an account compromise is an action that takes little effort on the front end, and can prevent quite a bit of inconvenience in the future. It is in the best interests of the student and the University to make sure to use appropriate password protection techniques that could include disabling file sharing and scanning for viruses. Listed below are a few tips to help keep an account secure:

Beware of Phishing. Often e-mails will be sent out that look like they are from the University of Oregon or the Technology Service Desk (TSD). Please remember that the University of Oregon will never ask you for your password in an e-mail. You will receive e-mail notifications to reset your password every 180 days, and the link in said e-mail will take you to the Duck ID Self-Service page. If an e-mail goes out that takes you to another page—even if it looks like the password reset page—do not type in your information! 

Instead, forward a copy of the e-mail to

Do not share your UO account information. Not only would sharing put your account at risk of compromise, but it is also not allowed by the Code Of Responsibility For Security And Confidentiality Of Records And Files.

If you write your password down, do not leave the paper where someone else can find it.

  • It is recommended you use a password manager to maintain a strong and unique password for each individual account

Choose a secure password for each account. Your password should be difficult to guess, but easy for you to remember. The following is the password security criteria required by the University of Oregon:

  • Password should not be a word in the dictionary  
  • Maximum Length: 127 characters
  • Minimum Length: 8 characters
  • The minimum number of character rules: 3 of the following:  
    • Lowercase
    • Numeric 
    • Special  
    • Uppercase  
  • Must not contain your: UO ID, email, first name, full name, last name, nickname, UO ID  
  • Must not be one of your last three passwords

For advice on how to create a strong password, see How To Create A Strong Password.

Be sure to guard the Security Questions and answers you defined when creating your account with anyone, be aware that the security questions page can be accessed by anyone and Facebook contains a great deal of personal information that can be used to hack into your account. With this in mind, be careful what you post on social networking sites.

If you have reason to believe that your account has been compromised, please contact the Technology Service Desk (TSD) immediately at (541) 346-HELP (346-4357).

For more information, watch the Protecting Yourself Online video.

Regaining Control of a Compromised Account

If you believe your account has been compromised it is very important that you attempt to reset your password by clicking Forgot Password? on the Duck ID Self-Service page. This will prevent anyone from logging into your account in the future. Once you have performed this step, please ensure that the account's security has indeed been compromised and the cause was not something as innocent as having forgotten your password.

If you are unable to reset your password, contact the Technology Service Desk (TSD) at 042 EMU or over the phone at 541-346-4357.

Run a virus scan for malware installed on your machine. McAfee Endpoint Security is preferred. Often, access to the account was obtained through phishing, a Trojan virus, or a key logger.

  • Windows
    • Information on how to install McAfee for Windows can be found here.
  • OS X
    • OS X does not have a built-in anti-virus scanner so it is recommended that you install anti-virus software. Information on how to install McAfee for Mac can be found here.

When an account is reported or appears to have been compromised, the University of Oregon will quarantine the account while we conduct an investigation. Once we are confident that account access privileges have been restored to the user (and only the user), we will enable access to the account.

Some indicators your account may have been compromised are:

  • There are login attempts from multiple states/countries in a short period of time
  • You have clicked on a known phishing email
  • Malware was detected on your device
  • There is account activity from on campus and off campus at the same time
100% helpful - 1 review


Article ID: 41456
Thu 10/26/17 3:54 PM
Thu 5/27/21 8:23 AM