IT Services


Keep your password safe

Best practice advice

  • Never enter your password in a webpage unless it is a University webpage which begins 'https://' and ends 'manchester.ac.uk' in the address line.

Only pages that begin with 'https://' are secure. If you are asked to enter your username and password to a site which does not have 'https://' in the address line, report it to the IT Support Centre.

  • Don't let anyone watch you entering your password
  • Don't put your password in an email as it may get intercepted
  • Don't use your University password for non-University access (e.g. online banking)
  • Don't enable 'auto complete user names and passwords' in your web browser, as someone else may have access to your device
  • Use different passwords for different systems and services

Writing your password down

If you have lots of different passwords and need to write them down, make sure you store them securely (e.g. a locked drawer). They must not be kept anywhere easily accessible such as sticky notes stuck to monitors or underneath keyboards.

Using a password manager app

It can be difficult to remember a selection of passwords, both here at the University and at home. Password manager apps are independant (non-University) applications that can safely store a variety of passwords and make them easy to reference when you need to. There are a number of password manager apps available to download from various online app stores, however if you are looking to use one of these with your University passwords then you must ensure that you choose a password manager app that conforms to our University's password security criteria.

Some of these are suggested in our Password Technical Security Standard document (see section 5.4 - Password Manager Technologies).

Old door latch

Keep it safe