ITS periodically conducts an audit of all UMICH passwords for those that are weak. Weak passwords can be exploited by malicious attackers who seek access to university networks and data.
The automated test identifies uniqnames with UMICH passwords that do not meet the university's current password strength requirements. Most people at U-M have strong passwords because of the password strength checker that is now built in to UMICH Account Management. People with weak passwords are asked to use that page to select a stronger password.
ITS provides lists of the uniqnames of members of the university community who have weak passwords to Security Unit Liaisons (SULs). Those SULs may then contact the people in their units and ask them to change their password to something stronger. If your unit's security liaison asks you to select a stronger UMICH password, please do so.
ITS contacts those with weak passwords not covered by a security unit liaison and provides them with instructions for choosing a secure password.
University of Michigan staff will never ask you to provide your UMICH password in email. They may ask you to change your password yourself to make it stronger.