Your account, password, and data

Password requirements

Your password must be at least 14 characters long and cannot include your name or date of birth.

Mix in capital letters, numbers and special characters to make it even more secure.

• Avoid using any data that can be easily guessed, like 'Canterbury' or 'student'.
• Never share your password with anyone.
• Do not write down the password itself, but rather a hint that will trigger your memory (your 'favourite drink’ might remind you of your password 'CupAchin0fromTACH_').

No one at the University will have a need to ask you for your password. 

Stuck for ideas?

Consider using numbers to replace certain letters or phrases in your password (4 instead of ‘for’, 3 instead of ‘E’, 0 instead of ‘O’).

You can form your password out of a sentence that only you will remember. This can be anything from a common phrase to a life event that means something specific to you.

For example:

• I<32work4IT@3CU (I love to work for IT at CCCU)
• B3autiFulS!lver:) (Beautiful Silver)
• CupAchin0fromTACH_ (Cappuccino from Touchdown cafe)
• $unshine_c@f3_7 (Sunshine cafe on 7th street)

Use the 'Forgot my password' link on the 'Sign in' screen and follow the prompts. 

Choose the 'I’ve forgotten my password' option and follow the instructions.

Your new password must be at least 14 characters long and cannot include your name or date of birth.

Use the 'Forgot my password' link on the 'Sign in' screen and follow the prompts. 

Choose the 'I know my password, but still can’t sign in' option and follow the instructions.

If you need help, contact the i-zone.

Multi-Factor Authentication (also known as 'MFA' or 'Two Factor Authentication') verifies your sign-in attempts to your CCCU computing account, and helps you recover access to your account if you forget your password.

You set up at least one authentication method when you signed into your account for the first time.

For security and flexibility, you should set up both of the following authentication methods:

• The Microsoft Authenticator app – verify your identity when you log into your account by approving a smartphone notification. 
• A phone number – receive a security code via SMS (text message), or an automated phone call.

An email address can be used as a recovery method to reset your password but cannot be used to authenticate when you try to sign into your account.

Find the set-up instructions in the sections below.

Any personal information you enter into the Microsoft Account Recovery system will only be stored and used for the purpose of account recovery and access.

This will allow you to access your account even if you lose your phone or upgrade to a new one, provided you still use the same phone number.

1. Go to My Account page and select 'Security info'.
   Sign in if required.
2. Click on ‘+ Add sign-in method’.
3. Select ‘Phone’ and click ‘Add’.
4. Select your country, enter your phone number, and choose if you want to authenticate with a text code or a call. Click 'Next'.
5. You receive a text code or a phone call to verify. Click ‘Done’ to complete the setup.

If you need help, contact the i-zone.

Note: If you set up a mobile phone number as an authentication method and have WhatsApp installed on that phone, your notifications will be sent to you on WhatsApp from Microsoft's verified business account - number +1 (217) 302 1989. If WhatsApp is unavailable, your notifications will be sent to you as a standard SMS messages.

A recovery email address allows you to reset your password but cannot be used to authenticate when you try to sign into your account.

An email address can be used as a recovery method 

1. Go to My Account page and select 'Security info'.
   Sign in if required.
2. Click on ‘+ Add sign-in method’.
3. Select ‘Email’ and click ‘Add’.
4. Enter a recovery email address (don't use your CCCU address), and click ‘Next’.
5. Enter the code sent to your recovery email address and click 'Next' to complete.

If you need help, contact the i-zone.

You need a computer and a smartphone to follow these instructions:

1. On your computer, go to My Account page and select 'Security info'.
   Sign in if required.
2. Click on ‘+ Add sign-in method’.
3. Select ‘Microsoft Authenticator’ and click ‘Next’.
4. Download the Microsoft Authenticator app onto your smartphone.
5. Once installed, tap ‘+’ in the app and select ‘Work or school account’.
6. Using the app, scan the QR code displayed on the computer screen and click 'Next'.
7. Approve the test notification you get on your smartphone and click ‘Next’ on the computer to complete.

If you need help, contact the i-zone.

Your account will remain open 4 months* after your 'Expected End Date' - find this date in My Record. Once your account is closed, you will not be able to sign in and access your files.

*This period may be longer for courses with additional post-study requirements. Check with your Course Team whether this applies to you.

A month, a week and three days before your account is due to be closed, you will receive an email reminding you to save any student work, files, or emails you want to keep. 

If you return to study with us again, we may be able to re-activate your account but, depending on the time passed, some or all your data might have been deleted.

If you need any help or you believe your 'Expected End Date' is incorrect, contact the i-zone.

Here are our top tips on how to keep your information safe.

• Change your password regularly. Use secure passwords that combine capital letters, numbers, and special characters.
• Do not share your account details with anyone. This includes family, friends, colleagues or even your manager. Always lock your computer or log out of your account when you spend time away from your desk. 
• Always set a lock code on your mobile devices. Do not share this code with anyone.
• Be careful when clicking on attachments or links in emails. If you are not sure about a link do not click on it! Be wary of any communication that asks for your personal details.
• Save your work regularly. We recommend you store your student work on your OneDrive. 
• Make sure your anti-virus software is up to date. Regularly update the antivirus and the operating system on your own computers and mobile devices. Take advantage of the free Sophos anti-virus we provide - find it in the Catalogue on the CCCU App Store.
• Be careful of what you share online. Never share confidential or privileged information. Also check your social media privacy settings

Read our Social Media Guidelines that help to protect and support you if you contribute to and engage with social media.

What to look out for?

While we take every step possible to filter out spam and other suspicious communications, sometimes scam emails do slip through. Things to look out for include:

• Impersonal greetings
• Probing questions
• Urgent warnings
• Bad spelling and formatting
• Threats
• Password or bank details requests

What can you do?

Always treat emails with a degree of caution – especially when they ask for personal information and look like they come from an official source.

• If you receive a suspicious email, do not open any file attachments.
• If you have concerns, contact the sender directly via trusted channels such as their customer service line, or the official website.
• Beware of links in email. If you see a link in a suspicious email message do not click on it.
• Report scam and phishing emails with the 'Report Phish' button
  Find it next to the email 'Forward' button in the Outlook Web app

Phishing Scam Targeted at University Students

No legitimate organisation will ask for your personal information such as your password or bank details by email. Scammers may pretend to be your bank, Student Finance Company, or the University. If you are ever unsure, contact the organisation directly via trusted channels such as their customer service line, or the official website.

Still unsure?

If you are unsure about any email you have received, or about anything relating to online security, contact the i-zone.