Carnegie Mellon University

Responsible password management safeguards everyone's account.

January 12, 2018

Shared Security

We share responsibility for each other's online security at Carnegie Mellon, because we share resources. To help safeguard them, the university's Information Security Office (ISO) recommends these password management actions.

  • Change your Andrew password periodically, especially if you log in to public computers or connect via open Wi-Fi networks.
  • Never share your password with anyone, not with friends, family or an email sender claiming to be from Computing Services or the Help Center.
  • Don’t use your Andrew password for other accounts. Create a unique password for every account and, if you want, use an ISO-recommended password manager.
  • Consider using a passphrase instead of a password. A passphrase is made up of a sequence of words with numbers and special characters inserted throughout.
  • Always verify that a URL is affiliated with the university before you enter your Andrew userID and password. The web address of all official Carnegie Mellon websites begins with "https", indicating that they are secure sites. And, most frequently used university login pages contain "" at the end of the URL.
  • Follow these same recommendations when you reset your Andrew userID password.

Visit Computing Services to learn more ways to secure your account