Loyola Username / Password: For security reasons we cannot change passwords via email.  You will need to call us during normal office hours and we can reset it over the telephone.

Once done, we recommend you set-up your security questions so you can reset your password yourself in the future.  Follow the instructions in the Personal Account Manager (PAM) at: http://www.luc.edu/its/pam_first.shtml  to complete  your questions. 

It is also important that you do not use the same password for multiple sites. If you do, and someone learns your password on one site, they will be able to access every site that you used that password on.

Password standards for your Loyola Universal ID are as follows:

• Minimum length 8 characters
• Must contain at least 2 alphabetical characters (abcABC)
• Must contain at least 2 numerical characters (0123)
• Must be different than your previous 9 passwords

Additionally, access to your account can be locked if certain events occur. These events include:

• Expiration of your password:  your password will expire 180 days after you set it. Once your password has expired, you will need to go to PAM to reset it. If you have never used PAM, you will need to contact the ITS Help Desk

• Login failure lockout: your account will become locked if you incorrectly enter your password 6 times. Once this has occurred, you will need to wait at least 16 minutes from the last incorrect login attempt for your account to unlock itself. Once your account is unlocked, you can attempt to login again. If you have set up PAM, you can reset your password via PAM which will unlock your account.

Avoid phishing:  what is phishing?

Phishing is an attempt to steal sensitive information, such as your social security number or passwords, by posing as a trusted company. It is most commonly attempted via an email that will claim to come from a trusted company, such as your bank or your credit card company. If you follow the links provided in the email, you will appear to be providing your information to the trusted company, while in fact you will be providing that information to a phisher. Phishers are known for using this information for identity theft and other fraudulent acts.

How do I recognize phishing?
Phishing attempts are getting more and more difficult to recognize. There are some general rules of thumb that can help you identify them.

First, companies should not ask you any sensitive information via email. Legitimate companies that require sensitive information from you will typically send you a physical letter or require that you come in to their place of business to confirm your identity. If an email contains a link that you can click on, you should be suspicious.

Second, if the information request appears to come from a company that you do use, such as your bank, and you are unsure if it is a phishing email or not, give them a phone call instead of following the link in the email.

Third, almost any company that can contact you via email could also contact you via phone. Despite whatever consequences of not responding are listed in the email, consider not responding. Almost all large companies, especially financial institutions, will attempt to contact you through a means other than email before taking any action against your account.

Tips to avoid email phishing! http://www.luc.edu/uiso/careful.shtml

Orion Account & Password:  Requseting an Orion account   FAQ  FORM