Staying secure online

12 May 2025

In light of recent high profile cyber-attacks targeting the retail sector, we urge all staff to remain vigilant and follow safe practices regarding their passwords and the use of Multi-Factor Authentication (MFA).

Cybersecurity is a shared responsibility, and your proactive measures can significantly enhance our University's security. 

Key Actions

1. Strengthen Your Passwords: Ensure your passwords are strong, unique, and not reused across multiple accounts. For example, work and personal accounts should use different passwords. Consider using a passphrase or three conjoined words to enhance its strength. 
2. Use of Multi-Factor Authentication (MFA): MFA adds an extra layer of security by requiring a second form of verification. Please enable MFA on all appropriate accounts and check if your current device is listed. If not, be extra vigilant for suspicious behaviour and consider strengthening your password with additional words, special characters, and numbers. Update your phone or device in Duo, the University’s 2-factor authentication service 
3. Stay Alert: Be cautious of Phishing emails and suspicious links. The University of Manchester will never send out emails requesting you to enter your University username and password or bank details. Please send any phishing attempts as an attachment to phishing@manchester.ac.uk to enable IT Services to put a block on any email addresses used for phishing. 

If you have concerns about the security of an IT account, computer or University IT service – or notice any unusual activity – please change your password immediately and report it to IT Services as a potential security incident.  

If you are interested in learning more about staying secure online, you can find a range of information through the UK’s National Cyber Security Centre. 

Thank you for your cooperation and commitment to maintaining a secure environment for our University community.