Yesterday, a public announcement was made of the release of a new collection of email addresses and passwords from ‘dark web’ sources.
ISEA (Information Security and Enterprise Architecture) has identified 138 compromised email/UTORid accounts. These accounts will have their passwords reset immediately.
- Those affected by the password reset can restore their password using the UTORauth Self Serve Password Reset service or contact a campus help desk service.
- Password usage awareness is a key factor in reducing the impact of compromise. Ie. Use a separate password for each service, use passwords with sufficient length and complexity (min. 10 char., longer phrases, etc.)
- All community members should enroll in the UTORid self-serve password reset service: https://www.utorid.utoronto.ca/cgi-bin/utorid/acctrecovery.pl
- Use multi-factor authentication wherever possible.