The University takes information security very seriously and wherever possible protects the services you use from malicious or accidental damage, as well as protecting your personal data. 

However, security is becoming ever more challenging as we all work on a range of devices - on smartphones and laptops via wifi - and much of the malicious activity online (like phishing emails) is very credible.  


The best starting point for good security is a strong password.

All new passwords:

  • must have a minimum of 12 characters,
  • must contain at least one of the following characters: abcdefghijklmnopqrstuvwxyz,
  • must contain at least one of the following characters: ABCDEFGHIJKLMNOPQRSTUVWXYZ,
  • must contain at least one of the following characters: 0123456789,
  • must contain at least one of the following characters: -!*%&:$#@>,
  • must not contain any personal details (e.g. email address, username, phone number),
  • must not be a previous password,
  • must not include include words on a custom keyword blacklist (e.g. Brookes and password),
  • should not be used for other non-Brookes services such as Facebook, Twitter or personal email accounts.

It is also advisable to only use characters in the list above and wait 5 minutes before trying to use your new password after resetting it.

Prior to starting at Oxford Brookes you will receive 2 emails (to your registered personal email address). The first of these emails will contain your student/staff number (User ID), the second will contain a unique link for you to create a password. If you do not create a password within 48 hours you will have to request another password on the Secure Forgotten Password Page. After inserting your student/staff number a new unique link will be sent to your personal email address. Use this password both for logging onto a Brookes computer and your email account.

We suggest you don't use the same password for your University log-in that you use elsewhere, make it a unique password. Don't disclose your password to others and remember that University staff will never ask you for your password. And if someone does email you asking for your password, don't give it to them.

What to do if you click a link in a suspicious email

If you have clicked on any of the links in a suspicious email or have received an email trying to extort money, please contact the IT Service Desk on 01865 483311 option 2 or visit the IT Service Desk Points to have your password reset.

Anti-virus software

The University uses SOPHOS as its anti-virus software on all staff and student PCs. You can also add it to your own devices for free, just download it from the Sophos website.

Secure your mobile devices

It is very important that all mobile devices like phones and laptops are locked with a security code, fingerprint or locking screensaver. This protects access to your personal information should you accidentally leave your device unattended.

2-step verification

(for your Google account)

We encourage all at Oxford Brookes to set up 2-step verification on their University Google account. This adds an extra layer of security when you log into Google for your email, timetable and documents. For simple steps to set this up, read our guide on setting up 2 step verification on your email. You will need to have your mobile phone with you.

IT Service Desk

For IT support you can