Confidentiality and security

A weak password: the enemy of information systems
  • A weak password can make the entire information system vulnerable to damageA weak password can make the entire information system vulnerable to damage

Your Sciences Po account: your username (firstname.lastname) and password are personalized. Your password is known only to you; even the Information Systems Office does not know it.

Your login ID is unique and allows you to access confidential information, including:

  • Sciences Po email account, Moodle platform, online courses, etc. for both faculty and students
  • personal data for members of staff

The use of new digital applications makes your login ID all the more important: for you, but also for the Sciences Po information system as a whole. If someone with malicious intentions discovers your password (whether because you left it visible or because it was too easy to guess), it can be used to infiltrate the system and modify it.

How to create a strong password

You can draw on titles of books or films, places that have marked important periods of your life, or foreign languages. Here are several examples:

  • Film title + year of grandmother’s birth: Gone With the Wind = Gwtw1901
  • Battle + famous line of dialogue: Battle of Trafalgar + "May the force be with you" = 1805MTFbwy
  • Mnemonic phrase in another language + insertion of digits: Calma como a Madeira = 4C3c2a1M

What to avoid

  • First name + son’s date of birth: Lilian2010
  • Overly simple passwords: Paris75007
  • A logical sequence of characters: Abcd1234
  • Repeating one of the examples above...

Things to do

  • When leaving your computer, disconnect from your applications and close your session.
  • Change your password every 6 months, without reusing previous passwords.
  • Separate your personal and professional accounts: your Sciences Po password should be different from the one you use to access online banking, social networks, online shopping sites, etc.

Things not to do

  • Do not share your password with anyone, either verbally or by email. 
  • Never write your password on a post-it stuck to your screen or on a scrap of paper hidden under the keyboard.
  • If a colleague needs to use an application to which you have access, he or she should not use your login ID but rather create their own personal account for the application (contact the Helpdesk).
  • Do not let a colleague manage your emails on Google Apps while you are on vacation. Use an automated reply to notify senders of your period of absence and provide an alternate contact in case of emergencies.