Quick Link: Change My UMICH Password Now
We recommend that you change your UMICH password every six months. An easy way to remember this is to change your password when you change your clocks for Daylight Saving Time (DST).
If your password is at risk, you may need to change it more often. Ask yourself the questions below to see if you need to change your password now. Balance your answers with the need to have a password that you can remember without having to write it down. If you have a strong, secure password that is easy for you to remember and you use it with care, you may not need to change it as often as someone whose password is more vulnerable.
When you change your UMICH password via UMICH Account Management, a password-strength checker helps ensure that your new password is strong and safe. See Choosing and Changing a Secure UMICH Password (R1162) for tips on selecting a secure, strong password.
Were you informed by ITS or your security unit liaison that you have a weak password?
If so, it's time to change your password.
Have you used your UMICH password for a non-U-M service?
We recommend that you use your UMICH password only for U-M services. Other services may not provide the same level of password protection that U-M does. If you have used your password for non-university services, it's time to change your password.
Have you used your UMICH password on a public network, such as those at hotels or coffee shops?
If you use an insecure network, you should change your password after doing so. If you must use an insecure wireless network, use the U-M Virtual Private Network (VPN) to protect your connection.
Have you told anyone your UMICH password?
Never tell anyone your password! If you have, it's time to change your password.
Did you share your UMICH password with your parents?
Never tell anyone your password, not even your parents! If you have, you should set your parents up with their own Friend accounts instead, and it's time to change your password.
Do you think you may have fallen for a phishing scam?
If you think you may have been tricked by a phishing email into providing your password, it's time to change your password. In fact, do it immediately.
Is your password more than six months old?
It's time to change your password.
Strong passwords are essential, but they aren't enough. Phishing attacks and data breaches put all your passwords at risk, and you need additional security. With two-factor authentication, anyone trying to access your account must provide two proofs of ID:
Some services and websites refer to this as two-step authentication, two-step verification, or login verification.
You can protect your personal information at U-M by turning on two-factor for Weblogin. This includes direct deposit information and W-2s in Wolverine Access, as well as your information in Google at U-M, Box at U-M, and more. (See Services and Systems Covered by Two-Factor for Weblogin.)