Because many individuals use their Miami passwords to access multiple websites outside of the university, and those sites could be compromised by the Heartbleed bug, all faculty and staff will be required to change their Miami passwords.
Everyone is strongly advised against using their Miami password as their passwords for accessing non-Miami websites or services.
You will get the password change message when you log into Miami services sometime over the next week. As always, you will have two weeks to make that change before you are locked out. If you have any problems with the password change process, contact IT Help at (513) 529-7900 or ITHelp@MiamiOH.edu.
The security of your personal information, as well as university information, is only as strong as your password. Creating different passwords for every site you use is a basic precaution that everyone should take. If you have trouble remembering all of those passwords, use a password storage tool (like LastPass or KeePass). Alternatively, use a “password scheme” which uses a complicated password root that you can remember and adds the first and last letter of the site to that root. For example, the root “rh1809!mu” is “frh1809!muk” for facebook.com, and “grh1809!mul” for gmail.com.
As announced on April 9, no Miami servers containing sensitive or confidential information were compromised by the Heartbleed vulnerability. This step is being taken to reinforce the significance of the Heartbleed bug and the importance of following good password security practices at all times for all of your Internet activity.
Watch for information on a new information security tool that will be launched May 21st. Two-factor authentication will protect access to grades and banking information. Information about this new authentication system will appear in the eReport, myMiami and other communication this spring.