Precautions

Passwords

Password theft could violate your privacy and allow access to your personal information and even financial services. A secure password is much more difficult to get around. Protect your passwords with the following recommendations:

• The passwords must not be less than eight characters in length. The longer the password, the greater the security.
• Create passwords by mixing alphabetic characters (where uppercase and lowercase are combined), digits and even special characters (@, ¡, +, &).

• Use different passwords depending on the use (for example, do not use the same password for an email account and to access banking services).
• A good method to create a secure password is to think of a phrase that is easy to memorise and shorten it by applying a simple rule.
• Passwords must be changed regularly. 
• The password must not contain the user name of the account, easy to guess personal information, or series of letters which are next to each other on the keyboard or in alphabetical or numerical order.
• You should avoid passwords that contain existing words in any language. One of the most well-known attacks uses dictionaries.
• Passwords should not be stored in a public place and within the reach of others.

• Do not share passwords on the Internet (by email) or by phone. It will almost certainly be a scam. The University of Almeria will never ask you for this type of information.
• Do not use the "Save password" option that is sometimes offered, which means you don’t need to enter your password each time you log in.

The passwords for services provided by STIC conform to the following standards:

• The password expires after 6 months.
• It must contain between 8 and 30 characters (at least 2 numerals).
• It must not contain the login details (or vice versa).
• It must not contain the previously-used password (or vice versa).
• It must be different from the login details by at least 3 characters.
• It must be different from the previously-used password by at least 3 characters.
• It should not match any of the 4 previous passwords.

• If the site allows it, it's a good idea to restrict access to your profile. Do not allow people you don’t know to access information about you.
• Keep your information private. Never send your full name, ID, etc.
• Choose an alias that is different from your real name. Avoid the use of any personal information that helps identify you or locate you to someone who is online.
• Think twice before posting your photograph. Photos can be used to identify the user who is online. Also, photos can be altered or shared without your knowledge.
• Do not post information that makes you vulnerable to a physical attack, for example, your class schedule or address, etc.

• If you are contacted by a stranger, find out if a friend made contact with that person. If you agree to meet with a contact, make sure it is in a public place and always in the company of others.
• Trust your instincts. If you feel threatened or uncomfortable during an online conversation, do not continue with the chat. Report any offensive behaviour to the appropriate website administrator.
• Manage your contact list. Think about whom you want to share it with and configure privacy options accordingly. Before adding new people to the social network, consider whether the user will be able to see your personal data and photos, send you messages, etc. Make sure you trust them.

• Choose the most recognised and reputable sites to make online purchases and avoid using unknown sites.
• Look for cash on delivery. If the website does not have that option, check if it uses a payment service like PAYPAL.
• Another good strategy is to use a prepaid bank card. Find out more from your bank or building society.
• Check that the webpage where you have entered your account or bank card details is an https address instead of the typical http.

More information at the Office for Internet Security.