Password change due to compromise

If your password has been compromised, for example because you entered it on a phishing site or because your computer is infected with malware, it is important that you act as quickly as possible.

This article provides a quick overview of what you need to do and consider in this case.

  • For technical support, please always consult your IT support team

You should change your password immediately if:

  • your password has been compromised – e.g. through phishing

  • your IT device has been compromised – e.g. through infection with malicious code

Please note:

  • Passwords should never be used more than once.
    • A compromised password must always be changed for all services and accounts where you have used it.

    • Please bear in mind: Attackers know you and your accounts.

    • Once a password has been compromised, it remains compromised forever. You must assume that it is being traded on the dark web in conjunction with your name and account.

    • Please use a password for exactly one service or exactly one account

  • Password changes should not be made via a compromised system.

    If you suspect that your IT device is infected with malware, use another secure system to change your password temporarily, if possible.

How should password changes be made?
  • Start by changing the password for your RUB login ID in RUB Identity Management.
     

Link to RUB Identity Management: https://rub.de/login

On a compromised IT device, all passwords used are always compromised.

If an infection with malicious code has been detected on your IT device/workstation, please review which accounts you have used on the affected device. These may include:

  • Sciebo account
    • Link to Sciebo ID management: https://www.hochschulcloud.nrw
    • Notes: Your account name corresponds to your ‘RUB email address’ (in the long form: @ruhr-uni-bochum.de). Never use your RUB password as your Sciebo password.
  • Local accounts, e.g. of the affected IT device or other local computers or local directory services in your area
    • Please clarify this with your local IT administration
  • Remote accounts, e.g. those you have used via mail clients and web browsers
    • Such as mail accounts with external providers, external cloud services and web shops
      Please include accounts with: Google, Apple, Microsoft, Amazon.
  • Further information on effectively securing your accounts and digital identities can be found in the next section

  • Activate two-factor authentication to secure your RUB login ID.
  • Specify an alternative contact address in RUB Identity Management and check your data there regularly to ensure it is up to date.
  • Use a password manager.

    The Information Security office recommends using a password manager. Employees who use IT hardware from IT.SERVICES can download and use the KeePassXC programme via the Self Services Portal in the ACMP Kiosk. Instructions are provided with the software.

  • Keep track of the accounts and services you use.
  • Make a note of your accounts and the associated services offline or in a password manager. This applies in particular to accounts and passwords that you may have saved in your email client or web browser.