The UMICH Password Hub is the mechanism used to synchronize passwords among U-M systems to minimize the number of user IDs and passwords you need to keep track of.
ITS uses MCommunity as the secure UMICH Password Hub to provide seamless integration with several different systems used for logging in to university computing services. UMICH (Level-1) passwords are synchronized to
By using the UMICH Password Hub in MCommunity, management of password changes and resets is kept within the university so that appropriate security can be assured. Members of the U-M community use the U-M Change Password page within UMICH Account Management when they wish to change their UMICH password. (See also Choosing and Changing a Secure UMICH Password.)
Password changes are not allowed in the systems that use passwords synchronized from the UMICH Password Hub. For example, users of
By enabling the use of the UMICH password for cloud-based and other new services, vulnerability to phishing and other social engineering attempts at password theft is reduced. In addition to being difficult for users to keep track of, multiple passwords can create confusion that puts people at risk for such attacks.
UMICH passwords are stored in encrypted form in the MCommunity Identity Vault. It's called a vault for a reason. It is protected, secure space.
MCommunity has the ability to further encrypt passwords according to the specifications required by systems such as Google, Microsoft Active Directory, and others used for services provided to the university. MCommunity sends encrypted passwords to other systems only over a secure connection. ITS Information and Infrastructure Assurance has reviewed the encryption and transfer processes and finds them trustworthy and secure.
For U-M's information technology policies, including those concerning security and privacy, see General Information Technology Policies.