Set up your password
When you start at Murdoch you need to set up your password. To ensure your new password meets the requirements and is secure, refer to create a strong password.
Students
You will be prompted to set up your Murdoch password when accepting your offer to study at Murdoch. Details of this process are included in your offer letter.
You can set up your password later by logging into the Online Response System. If you forget your password or do not have access to the Online Response System, please refer to the details for resetting your password below.
Staff
If you are a Murdoch staff member or contingent work (contractor, etc.) you can create your Murdoch password using the password reset. This process will send a code to your mobile and/or personal email address (that you have registered with HR) that you can then use to change your password. If you need to update your mobile and/or personal email address please do these via myWorkday or contact People & Culture via Murdoch Support.
Change or reset your password
Changing your password regularly helps keep your account and personal details secure. To ensure your new password meets the requirements and is secure, refer to create a strong password.
Change your password
If you know your current password, you can change it at any time.
Reset your password
Requires your personal verification details. If you require additional help please contact IT Service Desk on +61 8 9360 2000 (Monday–Friday 8am–5pm).
Creating a strong password
Passwords help protect you against identity theft. It is important that passwords are complex enough that they cannot be easily guessed, and that they are changed frequently.
Your password must be between 8 and 30 characters and include:
- at least one upper case alphabetic character (A-Z)
- at least one lower case alphabetic character (a-z)
- at least one numeral (0–9) or special character (*|+#) but not an ampersand (&) or double quotes (").
Your password must not:
- match any previous passwords
- include any characters occurring more than four times
- include alphabetic or numeric sequences of three or more characters (e.g. abc, 123)
- include keyboard sequences of three or more alphabetic characters (e.g. qwerty)
- include six or more sequential characters from your Murdoch username
- include three or more sequential characters from any part of your name
- include your date of birth.
Create a passphrase
Use symbols and numbers to replace some of the letters, to make a passphrase that is both strong and easy to remember. For example, "gibsonplayauthentic" can be rewritten as "gibs0nplay@uthentic".
Don’t use any of the following, spelled either forwards or backwards:
- names of anybody or anything associated with you (e.g. family, friends, pets)
- numbers associated with you (e.g. birth date or year, phone number, license plate number)
- words found in an English or foreign language dictionary
- place names
- proper nouns
or any of the above followed or preceded by a single numeric character and a single special character.
Don’t share your password or write it down
Your password should remain private. Do not share it with anyone, write it down or store it in an email or text file.
Use a password manager
Install a free, open-source password management tool like KeePass or Bitwarden to help generate, manage and store your passwords securely.
Don’t use 'Remember Password' option
Passwords saved to your computer or browser are a security risk, as they may be accessed by others from your computer or through attacks on outdated browsers.
Change your password frequently
It is recommended that you change your password for critical systems and accounts, including your Murdoch account, every 90 days.
Don't reuse passwords
Multi-Factor Authentication (MFA)
At Murdoch University, we are proactive about strengthening our digital security to protect not only your personal information but our systems and data. MFA provides an extra layer of protection against cyber-attacks and identity theft.
When you start at Murdoch, MFA will be automatically enabled on your account. For your convenience, we recommend that you set up MFA immediately after you set your initial password by following these MFA Setup Instructions.
MFA is an effective cyber security measure that is widely used to protect IT systems and data from unauthorised access - you may already be familiar with MFA as it is commonly used to protect online banking and social media accounts. As cyber security threats become more sophisticated and frequent, relying on passwords alone is not enough. In addition to your username and password, MFA requires you to provide another form of authentication to verify your identity prior to granting you access to your online account. Authentication is often done using a one-time, time-sensitive verification code that is sent to you via SMS text message or an authentication app.
Whilst hackers can obtain passwords through techniques such as brute force attack and phishing, it is harder for them to gain physical possession of your mobile device. Since MFA requires a second form of authentication via your mobile device, MFA makes it harder for hackers to gain unauthorised access of your MU account, MU systems and the data that is stored in our systems (which includes personal information of our staff and students).
From time to time, you will be prompted to verify your identity when attempting to log in to an MU system. This verification process is called authentication, and it is how MFA helps to protect our digital environment from unauthorised access. Authentication is often done by number matching – a verification code is sent to you via the Microsoft Authenticator app or SMS text message, and you will need to enter this verification code into the sign-in pop-up to be granted access to your MU account.
Please refer to the Authenticate using the App guide to learn how to authenticate with or without mobile or internet (Wi-Fi) reception using the Microsoft Authenticator app (the App). If you have not set up the App and often experience poor mobile reception, we recommend that you follow the App setup instructions to start using the app for MFA.
MFA will be automatically enabled on your MU account. After you set your initial MU password, we recommend that you set up MFA to ensure that you are prepared and to avoid any inconvenience when you are prompted to authenticate the next time you attempt to access the University’s online services. MFA Setup is simple and can be done at home or on-campus, please follow the MFA Setup Instructions.
After arriving in Australia, you may choose to obtain an Australian mobile number. It is important that you update your MFA setup so that you can continue to authenticate and access the University’s online services. To do this, please follow the step-by-step instructions in the Updating MFA Setup Guide.
Using the Microsoft Authenticator app (the App) for MFA is optional, however we recommend the App because it is a more convenient and secure way to authenticate than the SMS verification code method. This is because SMS messages can be intercepted by hackers, whereas intercepting the App is difficult as hackers would need to gain physical possession of your mobile device and pass security measures to open the App. Using the App is also more reliable as you do not need mobile reception or internet (Wi-Fi) connectivity to authenticate.
If you are currently using SMS verification codes to authenticate and would like to use the App for MFA, please follow the step-by-step App Setup instructions. To find out how to authenticate using the App with and without mobile or internet connectivity, please refer to the Authenticate using the App guide.
Our MFA Frequently Asked Questions page has further information on MFA, up to date advice and step-by-step instructional resources.
Need help?
Contact our experienced IT Service Desk team.
- Phone: +61 8 9360 2000 (Monday–Friday 8am–5pm)