Account Security

Considering the importance of your CMU account and how necessary it is, account security is critical. Please note that some of the resources linked from this page are only available with a valid and functioning Global ID and password.

If you believe that your account has been compromised for any reason, or if it has been temporarily deactivated for your protection, it is of the utmost importance that your account be secured immediately.  Please contact the Help Desk at (989) 774-3662 so that we may assist you in securing your account. If the Help Desk is unavailable to assist you immediately, please reset your own password immediately, if possible. This is the single most effective action that can be taken to protect yourself, and the integrity of data and technological resources of Central Michigan University.  Care should be exercised to make your new password fundamentally different than your old password.  The old password should NEVER be re-used, and your CMU password should never be used as a password for any other site.

Accounts can be compromised by a number of mechanisms, but the most likely culprits include:

• Phishing Attempts:  If you possess evidence that you have fallen prey to a phishing attempt, a simple password reset is usually sufficient to remedy the situation. 

• Virus / Malware / Key-logger Software:  If you believe your account was compromised by a virus, malicious software, or a key logging software, a password reset should be performed immediately, the machine should be cleaned with a legitimate anti-virus and malware software, and the password should be reset immediately again once any offending software is removed, as a secondary compromise may have occurred in the interim.  If you do not feel certain you are able to adequately clean your device yourself, local technicians are available to evaluate your machine.

• Spoofing:  Spoofing is a process by which it may appear that your account is compromised, though in reality no compromise has technically taken place.  Problematic email may appear to be from a particular account, but is sent routed through a different account or server.  In most instances, spoofing will not be resolved by a password reset.  If email spoofing is evident, forward the offending messages (when available), as an attachment to helpdesk@cmich.edu. 

Central Michigan University is committed to providing the best possible balance between technological accessibility and security.  Toward this aim your account credentials must be kept private. 

You must never relay your account credentials to others, as solicited by email, or otherwise.

You must be vigilant in attempting to identify problematic messages and report them.

You must exercise an abundance of caution to recognize suspicious signs.   If there is any question of legitimacy of any request, non-compliance is probably best!

Central Michigan University systematically monitors traffic to detect intrusions and traffic types indicative of compromised accounts.  If your account is found to be compromised it will be disabled until the account is secured, the problem can be resolved, and any machines involved remediated.  If your account or machine is compromised, you may receive an email notification.  The safest thing to do is to immediately dial the Help Desk at the number you've grown to trust: (989) 774-3662.

If you have evidence or information that the compromise has resulted in criminal activity, the matter should immediately be reported to the CMU Police Department, at (989) 774-3081.

If you have any additional questions, or require assistance in these considerations, please contact the Help Desk at (989) 774-3662.