Change Your UMICH password
- If you suspect your U-M account has been compromised:
- Change your UMICH (Level-1) password. For instructions and tips, see Choosing and Changing a Secure UMICH (Level-1) Password.
- Reset your account recovery information in UMICH Account Management so you can reset your password yourself if you forget it.
- If you suspect a personal account has been compromised: Change the password for that account. Choose a strong password and make it unique to that account. Do not use the same password for multiple accounts; that puts all your accounts at risk if one is compromised. Use the same guidance for U-M passwords, but do not ever use the same password for your UMICH account as any other account.
- UM-Ann Arbor: Report a suspected compromised U-M account immediately to the ITS Service Center.
- Michigan Medicine: Report a suspected compromised U-M account immediately to the HITS Service Desk.
- If you suspect a personal account has been compromised, check the account documentation to find out how to report the compromise.
Make Sure Two-Factor for Weblogin is On
When you have two-factor authentication turned on, anyone trying to access your U-M account must provide two proofs of ID. The two factors, or proofs of ID, are:
- Something you know—your password.
- Something you have, such as a passcode, a phone, or even a mobile app.
Two-factor (Duo) authentication for U-M Weblogin is required and automatically turned on for all current faculty, staff, students, and sponsored affiliates.
Alumni and retirees can turn on two-factor authentication for Weblogin to add extra protection for their accounts.
Monitor for Suspicious Activity
- Check your U-M Google email for suspicious activity. Make screen shots showing any settings that have been tampered with to include in your report of the incident.
- Check activity on your account by clicking the Details link at the bottom of your inbox (when accessing your mail from a Web browser). See Google's Last account activity help. Click the Sign out all other web sessions button if you see suspicious activity.
- Check the Trash and Sent mail folders for messages you didn’t send or delete.
- In your Mail Settings, review Forwarding and Filters and delete those you don’t recognize.
- In your Mail Settings, under Account, check the settings for Send mail as and Grant access to your account to be sure these have not been changed.
- Learn more about monitoring and securing your Google Mail, as well as about protecting your personal information and privacy, at Google: My Account.
- Check your other U-M services for suspicious activity. For example, look for files in your online storage space, such as U-M Dropbox, that you did not put there.