How to Secure Your Sensitive Information

Protecting personal and private information from identity theft and scams should be a top priority for everyone. And as an online learner who spends a lot of time completing work electronically, it’s especially important for you to be diligent in keeping your information secure.

We asked the Penn State IT Service Desk — your 24/7 resource for IT help — for tips on simple steps you can take to protect your information.

How can I keep my password safe?

Use Penn State’s best practices to create a strong password. Also, do not use your Penn State password for non–Penn State services. If you have used your Penn State password as your personal password for email, online shopping, online financial activities, or other online services, you should change it.

How can I change my password?

To change your password, go to, where you can also set or update your security questions, or get help if you have forgotten your password.

How does Microsoft Multifactor Authentication protect my personal information?

Microsoft Multifactor Authentication (MFA) adds another layer of security when you log in to Penn State systems. By adding a login credential in addition to your user ID and password, you can ensure that the only person logging in to Penn State systems with your account is you. Remember, it is important to keep your MFA settings up-to-date so you can access Penn State resources quickly and easily while keeping your information secure. We also strongly suggest that you have at least one backup device connected to your account, in addition to your primary device(s). To add or remove devices or get help with any MFA issues, review the MFA guide on the Penn State Account Management site. 

What is phishing and how can I avoid it?

Phishing is an attempt to steal personal information from someone, usually via a fraudulent email message or phone call that appears legitimate. No one from Penn State will ever email you for your password. To avoid phishing:

  • Don’t click on any links in emails asking you to change your password; instead, enter the URL into your browser on your own to visit the website directly.
  • Verify emails and links in emails you get from your social networking, school, or bank sites; if you are suspicious, do not click on the links
  • Don’t open attachments in emails from unsolicited email addresses; these can contain viruses.

What should I do about viruses or spam?

We also recommend that you install a reputable antivirus and anti-spam application and keep it up-to-date. Macs come with the proprietary XProtect antivirus from Apple; Windows provides their proprietary Windows Security antivirus. If users wish to use a different antivirus program, the best rated antivirus and malware scanners are paid subscription services.

What are basic things I can do to keep my personal information safe?

Never share your Penn State user ID or password with anyone or provide your Penn State credentials to any non–Penn State service. Also, be prudent about everything you post online, not just your Penn State activity. Never post information such as your Penn State ID, password, driver’s license, Social Security Number, bank account, or credit card data.

Feel free to contact the Penn State IT Service Desk with any questions or if you need assistance changing your password.

Photo by Jose Fontano on Unsplash