Penn State is continuing to respond to the spread of coronavirus. Monitor our Coronavirus Information website for more updates.

How to Secure Your Sensitive Information

Protecting personal and private information from identity theft and scams should be a top priority for everyone. And as an online student who spends a lot of time completing work electronically, it’s especially important for you to be diligent in keeping your information secure.

We asked the Penn State World Campus HelpDesk — your 24/7 resource for IT help — for tips on simple steps you can take to protect your information.

Q: How can I keep my password safe?
A: Use Penn State’s best practices to create a strong password. Also, do not use your Penn State password for non–Penn State services. If you have used your Penn State password as your personal password for email, online shopping, online financial activities, or other online services, you should change it.

Q: How can I change my password?
A: To change your password, go to, where you can also set or update your security questions, or get help if you have forgotten your password.

Q: How does two-factor authentication protect my personal information?
A: Two-factor authentication (2FA) adds another layer of security when you log in to Penn State systems. By adding a login credential in addition to your user ID and password, you can ensure that the only person logging in to Penn State systems with your account is you. Remember, it is important to keep your 2FA settings up-to-date so you can access Penn State resources quickly and easily while keeping your information secure. We also strongly suggest that you have at least one backup device connected to your account, in addition to your primary device(s). To add or remove devices or get help with any 2FA issues, log in to your Penn State account at

Q: What is phishing and how can I avoid it?
A: Phishing is an attempt to steal personal information from someone, usually via a fraudulent email message or phone call that appears legitimate. No one from Penn State will ever email you for your password. To avoid phishing:

  • Don’t click on any links in emails asking you to change your password; instead, enter the URL into your browser on your own to visit the website directly.
  • Verify emails and links in emails you get from your social networking, school, or bank sites; if you are suspicious, do not click on the links
  • Don’t open attachments in emails from unsolicited email addresses; these can contain viruses.

Q: What should I do about viruses or spam?
A: We also recommend that you install a reputable anti-virus and anti-spam application and keep it up to date. Penn State allows you to download Symantec antivirus for free with your student account. Visit and find the Symantec Antivirus program for your operating system, under “Virus Detection/Spyware Tools.”

Q: What are basic things I can do to keep my personal information safe?
A: Never share your Penn State user ID or password with anyone or provide your Penn State credentials to any non–Penn State service. Also, be prudent about everything you post online, not just your Penn State activity. Never post information such as your Penn State ID, password, driver’s license, Social Security Number, bank account, or credit card data.

Feel free to contact the Penn State World Campus HelpDesk with any questions or if you need assistance changing your password.

Photo by Jose Fontano on Unsplash