Use Strong Passwords for Your UP Mail Accounts

UP Users are reminded and encouraged to review the passwords they use, especially for their UP Mails.

Below are some pointers and recommendations to guide you on how you should create and use your passwords.

  1. Minimum of sixteen (16) random characters (letters, numbers, and symbols) or four (4) random, non-common words for passwords.

  2. Minimum of six (6) Alphanumeric characters in a passcode for your mobile phone or tablet. Avoid using numeric passcodes with 4-6 digits.

  3. Enable Multi-factor Authentication (MFA). Avoid using SMS-based MFA whenever possible. Users are encouraged to download, install, and use an authenticator application, such as the Google Authenticator mobile app. This will allow you to perform the 2-step-verification when you sign in to your UP Mail account (@up.edu.ph). Using Passkey and/or hardware-based MFA (e.g. Yubikeys) is also recommended.

  1. Do not reuse your passwords. Each of your accounts must have a unique, different password.

  2. It is advisable to use a password manager software, such as Bitwarden, 1Password, ProtonPass, and iCloud Keychain Password.

  3. Regularly check https://haveibeenpwned.com to ensure that your accounts are not in the database of compromised email and passwords. “https://haveibeenpwned.com” is a reliable website that allows you to search their database to check if your email address has been compromised.

For UP Mail, please make sure that you have a recovery email set to allow you to use self-service password reset: https://support.google.com/accounts/answer/183723

You can change your UP Mail password by following the steps found in this link: https://support.google.com/mail/answer/41078

If you need further assistance, please contact the local IT office of your campus/constituent university (CU). You can find their contact information here: https://itdc.up.edu.ph/contact-us#cu-it-support