Norwegian version of this page

Where is it safe to use your password?

Your UiO password is comparable to the pin code on your credit card. For your own safety: Do not let anyone gain access to it. It is also important that you don't use your UiO password as a password for other services outside of UiO.

Signs of safety

Check the following things before typing in your UiO password, or any other kind of password or pin code:

Some signs of safety are the same for all web sites:

  • The URL starts with "https" ("s" for "safe")
  • There is a small padlock icon next to the URL.

On the UiO website, you can also check the following:

  • The URL on the site should always contain "uio.no", for example https://webmail.uio.no.
  • The graphic profile is recognisable and corresponds with the UiO graphic profile.

Before typing your UiO password, make sure that the website URL looks like this:

  • https://[service].uio.no/example/more-example/
  • https://[service].feide.no/example/ more-example/
  • https://[service].uhad.no/example/ more-example/

The first part of the website URL has to end with either

  • .uio.no, e.g. https://webmail.uio.no/
  • .feide.no (used for authentication across the Norwegian higher education sector)
  • .uhad.no (used by some Microsoft services)

Examples of real and fake websites

 

Fake website

Bilde av falsk nettside for UiO webmail

Example of a website set up by scammers trying to steal your password and username. Note that web address contains "uio.no", but not in the right place.

 

Real website

Ekte UiO webmail

This is the real UiO webmail site. The two websites look identical, except for the URL.

 

Fake website

falsk innloggingsside uio webmail

Another fake login page. This one contains "uio-no", but not in the correct format https://[service].uio.no.

 

Examples of UiO related log in sites

As an employee or student at UiO you have to log in by using a user name and password to gain access to a number of services. Some of these are owned by UiO, like Brukerinfo, Webmail and Weblogin (Norwegian). Sites like Feide is owned by Uninett. Even though UiO is not the owner, Feide (Norwegian) is still safe to use.

Other precautions

Scammers and others with ill intent also use padlock images and https in their fake log in sites. 

We therefore recommend that you never click on log in URL's sent to you by e-mail, even though the e-mail looks like it is from an IT employee at UiO, your bank or other trusted sources. Our tip is to write the URL in your browser yourself or use your own bookmarks.

Be critical!

If you are unsure, contact UiO-CERT and ask.

Never share your password!

Published July 5, 2018 11:05 AM - Last modified Nov. 22, 2022 11:22 AM
E-mail this page