This page describes recommended practices for handling passwords. These practices are a recommended part of Computer Security.
If you share your password with someone and your relationship to that person later changes, will you remember at that time to change your password? Probably not. And if that person, intentionally or unintentionally, causes a problem with the computer system using your login and password, it is likely you who will be held accountable -- not the other person.
Insist that other people get their own accounts, or use software that was designed for multiple users.
In some situations, a password is shared amongst several users when it grants access to a shared resource. In these cases, your password should never be shared with anyone not known to have permission to access the shared resource. If it is later determined that one or more persons should no longer have access to the shared resource, the password must be changed and distributed to only the remaining users.
When logging out of an account, don't walk away from the computer until you've received feedback from the system that you have logged out completely. When using a shared computer, such as at a computer lab or cafe, close all browser windows if possible -- even if the system notified you that you are logged out -- just in case the browser has been set to cache web pages. For example, if you log in to your bank account, then log out, then select the browser's Back button once or twice, can you see your account information?
This significantly decreases the chances of brute force attacks succeeding. Unfortunately, not all UCSF systems enable you to change your password. See the List of Accounts for details. Avoid using the same password for more than one account.
Avoid writing passwords down on paper, which can be lost, forgotten, or stolen. Instead, use a password manager. Avoid storing passwords unencrypted, and be aware of what password recovery tools can do.
The most secure way to store a password is to memorize the only copy of it.
Using a password manager means you have to remember only one master password which grants you access to all your other passwords. If your password manager file is lost, forgotten, or stolen, all your passwords still remain encrypted and protected.
The password practices described here are only a small part of ensuring computer security. For more information, see the Computer Security guide and beware of scams.