How to Secure Your Sensitive Information

Protecting personal and private information from identity theft and scams should be a top priority for everyone. And as an online student who spends a lot of time completing work electronically, it’s especially important for you to be diligent in keeping your information secure.

We asked the Penn State World Campus HelpDesk — your 24/7 resource for IT help — for tips on simple steps you can take to protect your information.

Q: How can I keep my password safe?
A: Use Penn State’s best practices to create a strong password. Also, do not use your Penn State password for non–Penn State services. If you have used your Penn State password as your personal password for email, online shopping, online financial activities, or other online services, you should change it.

Q: How can I change my password?
A: To change your password, go to, where you can also set or update your security questions, or get help if you have forgotten your password.

Q. What is two-factor authentication?
A: Two-factor authentication (2FA) adds another layer of security when you log in to Penn State systems. If you use 2FA, you’ll be prompted to take an additional step to verify your identity after you enter your user ID and password. You’ll need to approve your login request or enter a special passcode that you receive on another device.

You can receive 2FA login requests and passcodes using a smartphone, landline phone, or a special 2FA device (token). When you enroll in 2FA, you’ll choose the device you want to use — and you can and should choose at least one backup device in case your first choice is ever unavailable. We encourage students to use 2FA, as it helps to protect all of your personal information and academic and financial records with Penn State. Learn more and enroll in 2FA.

Q: What is phishing and how can I avoid it?
A: Phishing is an attempt to steal personal information from someone, usually via a fraudulent email message or phone call that appears legitimate. No one from Penn State will ever email you for your password. To avoid phishing:

  • Don’t click on any links in emails asking you to change your password; instead, enter the URL into your browser on your own to visit the website directly.
  • Verify emails and links in emails you get from your social networking, school, or bank sites; if you are suspicious, do not click on the links
  • Don’t open attachments in emails from unsolicited email addresses; these can contain viruses.

Q: What should I do about viruses or spam?
A: We also recommend that you install a reputable anti-virus and anti-spam application and keep it up to date. Penn State allows you to download Symantec antivirus for free with your student account. Visit and find the Symantec Antivirus program for your operating system, under “Virus Detection/Spyware Tools.”

Q: What are basic things I can do to keep my personal information safe?
A: Never share your Penn State user ID or password with anyone or provide your Penn State credentials to any non–Penn State service. Also, be prudent about everything you post online, not just your Penn State activity. Never post information such as your Penn State ID, password, driver’s license, Social Security Number, bank account, or credit card data.

Feel free to contact the Penn State World Campus HelpDesk with any questions or if you need assistance changing your password.

Photo by Jose Fontano on Unsplash