Office of the Chief Information Officer

Passwords & Email Security

There are numerous practical ways that users can contribute to their own security as well as the security of UFV's information network.

While these practices may seem obvious, they are often disregarded or ignored, exposing the user to unexpected and unwanted consequences.

Creating a strong password

The strongest passwords are seemingly random to anyone but you. They are 10 characters in length or greater, and contain a combination of upper and lowercase, symbols, and numbers. Cxrt4!yud99&eGX3 is an example of a great password because it is extremely difficult to guess, but it is also very difficult for you to remember!

 

Password Strength

 

 

Step 1: Develop a phrase that is easy for you to remember

  • Think of your favorite song lyrics, poem, or a memory that is special to you.
    • Example: CampingInTheWoods
  • At least 10 characters long is recommended, but more is better.

Step 2: Make your password

  • Use the phrase you want in conjunction with upper and lower case characters, numbers, and special characters for a strong password. 
    • Example: Camping!InTheW00ds

Step 3: Keep it safe with a password manager

Because people tend to have multiple accounts, either locally on their computer or online, the temptation is to use the same password for every account (particularly if they have a favorite password that is easy to remember).

This is a dangerous practice; should the password fall into the hands of another person, they now have access to all of the accounts "protected" by that password. The best practice is to have a unique strong password for each account.

  • Download a password safe program, these programs allow you to record and securely store all of your passwords in one place.
  • Two examples of password safe programs are KeyPass and PasswordSafe. Both are easily downloaded and installed and, best of all, they are free.

Email Security

Third Party Services

If you use third party email services (e.g., Gmail, QQ Mail, 163/126 Mail, etc.), you may experience problems when sending or receiving email.

If you are using a third party service to send email from your UFV student email, your emails may not be delivered. Spam filters at UFV and other institutions may regard emails sent this way as spam. To ensure your emails are delivered, use only your UFV student account to send email. 

You may also experience issues receiving emails when auto-forwarding is set up in Zimbra. UFV cannot guarantee or track delivery to and from these third party services. For this reason, it is best practice to use only your student email. 

Login instructions:

Direct: use your myUFV credentials to sign in directly at mymail.ufv.ca
myUFV: sign in at my.ufv.ca, and click the link in the Student Email box.

SPAM, Scams, & Phishing

Spam is unsolicited, irrelevant, or inappropriate messages sent on the Internet to a large number of recipients. Sometimes, spam comes from corporate advertisements. Other times, spam comes from cyber criminals.

Phishing is a scam where you are tricked into revealing personal and sensitive information such as login credentials and banking details. Attackers usually do this by pretending to be someone you know or trust.  Spear Phishing is when the attack is personalized to you or your organization.

You can be tricked into thinking an email is really from someone you know, but the sender address has been forged. It is commonly used to mislead you (such as in a phishing attempt), but can be used as a prank.

Avoid and Reduce: Be careful about where you share your email address. If your email appears on a public directory or social media, it can easily be found by scammers.

Block: Make use of your Quarantine Inbox's block feature. Sign in with the following credentials: 


Username: Your full @ufv.ca email address (NOT your AD username)
Password: Your network/email password

Once logged in, go to PREFERENCES > Whitelist/Blacklist. To add an entry, type an email address into the blacklist field and click the Add button.

Most importantly... Report suspicious emails to phishreport@ufv.ca so that we can take action.

Email Viruses and Malware

Malware

Malware is short for "malicious software". They are computer programs that are specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

Malware Types

There are many types of malware. We understand... all the different terminologies can be confusing. Here are six common types of malware you might encounter:

Virus: Like a biological virus, computer viruses are able to replicate and spread on their own. They typically have a detrimental effect, such as corrupting your computer or destroying your data.

Trojan Horse: Trojan horses are designed to infiltrate your computer system while masquerading as a benign program. One of the most common types of trojan horse viruses are ones which pretend to be anti-virus software, but they are really viruses themselves. Clever!

Ransomware: Ransomware is designed to block access to your computer or files until a sum of money is paid, usually via non-refundable wire transfer or bitcoin transactions.

Spyware: Spyware is designed to covertly transmit your data (files, key strokes, and data) to the attacker's computer. True to its name, it spies on your activity.

Macro: A macro virus is written in a program's macro language (a language used to automate tasks within the program). As such, macro viruses are commonly distributed through documents and other files. Once you open it, macro viruses will use the program's macro language to automatically perform a sequence of tasks. These can modify your documents, delete them, send a copy of the virus from your email, and other things.

Bot: A malicious bot ("robot") is a self-propagating malware that is designed to infect computers and the perform some task it receives from an attacker. A number of bot computers is collectively called a botnet. If your computer is part of a botnet, it may send scam and phishing emails or perform attacks against other computers without your knowledge.

Contact Us