To help keep your BU account safe, you should never reuse your BU password for any other services.  A reminder of why this is a good practice was seen last week when Twitter urged its users to change their passwords.

Twitter announced that a bug in their systems allowed for user passwords to be stored unencrypted in an internal log file.  They made sure to note that, as of now, they have seen no signs of the passwords being inappropriately accessed, shared, or used.  To be safe, it is strongly recommended that you not only change your Twitter password, but also change your passwords anywhere that you use that same password.

Sadly, stories of passwords being exposed online are not new.  It was only a few months ago that the single largest collection of passwords was exposed on the Internet.  A collection of 252 earlier breaches was aggregated into one massive database, exposing over 1.4 billion credentials.
Would you like to know if your username was included in one of the reported breaches? There are websites available to help you determine if your account was included in any known breaches, such as: https://haveibeenpwned.com/

If you find that your BU account has been compromised, we recommend you report it to the IS&T Service Desk and change your BU account password immediately.

Boston University Information Security
buinfosec@bu.edu