Key Tips to Protect Against Identity Theft in College

From financial aid and loan applications to using public Wi-Fi, here's how students can protect their identity.

A college student does homework in the library on campus.
College students may be especially at risk of having their identity stolen.
Jacob Lund / Shutterstock

September/October 2021 Issue

The Federal Trade Commission said it received almost 1.4 million reports of identity theft in 2020, about twice as many as in 2019. The biggest surge came from consumers whose personal information was used to apply for government documents or benefits, such as unemployment insurance.

Colleges “are target-rich environments for identity thieves, because they have many databases containing the motherlode of sensitive information,” said Adam Levin, author of Swiped and co-host of the podcast What’s the Hack with Adam Levin. And even though students may be tech savvy, “cyber hygiene is not at the top of their agenda.”

They may leave papers with their Social Security, bank account, and credit card numbers sitting in dorm rooms, with people coming in and out, said Steve Weisman, who teaches about white collar crime at Bentley University. In addition, “mail in colleges is notoriously not secure.”

Because they’re constantly on the go, college students are apt to leave a laptop or mobile device in a classroom, library, or lounge—or use unsecured Wi-Fi networks in coffee shops and other public places.

Students might not know they’ve become victims of identity theft until they apply for a credit card, apartment, job or internship. In the time it takes to straighten things out, they could miss an opportunity.

If you’re in college, take these steps to safeguard your identity.

A person enters their passcode on a cellphone.

Set strong passwords and passcodes, and don't share them with friends.

Wachiwit / iStock

Set strong PINs and passwords.

Most importantly, secure every computer and mobile device with a Personal Identification Number and/or biometric (face or fingerprint) lock.

For every online account, create a unique password or phrase at least 12 characters long with a mix of letters, numbers, and symbols. Because these are hard to remember, consider using a reputable password manager program that is “intuitive and affordable,” said Eva Velasquez, chief executive officer of the Identity Theft Resource Center.

“Modern versions of mainstream web browsers like Firefox, Chrome, and Safari all include the ability to suggest and save passwords similar to a password manager and they are perfectly safe and reliable. In fact, they suggest that people have strong passphrases,” she added. But don’t do this if you don’t own the device, if you share it, or if you haven’t secured it with a PIN or biometric lock. Also, don’t let individual websites store your password, only your browser.

Use two-factor authentication.

Enable two-factor authentication whenever possible. When you log into an account with user name and password, it will require another step to verify it’s really you. Usually this is a one-time code sent to your phone, email or authenticator app.

In 2018, the University of Arizona began requiring two-factor authentication for all students, faculty, and staff accessing university systems. “That was the most impactful thing we ever did,” said Lanita Collette, the university’s chief information security officer. “Three years ago, we would have hundreds of compromised student accounts. This year we have had only three.”

Mail left on the kitchen table.

Send financial mail to a safe address.

Andrius Zemaitis / Shutterstock

Safeguard your social security number.

Don’t leave checkbooks or papers with your Social Security or bank account numbers in a dorm room or apartment. Shred them or keep them in a locked cabinet, in a safe deposit box, or at your parents’ home.

Don’t give out your Social Security number unless it’s required. You must give it to employers and when you apply for loans, bank accounts, and federal financial aid. (Some financial institutions will accept alternative ID such as an Individual Taxpayer Identification Number or passport.)

Beware of sender.

Never open emailed attachments you were not expecting, even if they seem to come from a person or company you know. They might contain malware and spyware. Check with the presumed sender first.

Likewise, don’t click on links found in email, texts, or social media that request personal data or offer credit cards, financial aid or mouthwatering deals. Instead, go directly to the company’s website. “If you don’t go to the source, you could have remorse,” Levin says.

Apps and games can also contain spyware so only download them from a trusted source such as the Apple App or Google Play stores.

Be wary of public Wi-Fi.

Avoid public Wi-Fi, and never use it when logging into financial accounts or making online purchases. On a phone, it’s safer to use your cellular network than unsecured Wi-Fi. Even better: Subscribe to a Virtual Private Network, which encrypts data sent over Wi-Fi networks, Weisman says.

A college student freezes her credit.

Report any errors on your credit report quickly.

SDI Productions / iStock

Check and freeze your credit.

Go to and request free copies of your credit report from Experian, Equifax, and TransUnion. Get any errors corrected.

Also go to each of these companies’ websites and follow their instructions for placing a free security freeze on your credit report. This stops potential lenders from accessing your credit report and thereby prevents thieves from opening new credit accounts in your name. If you’re applying for credit, go back and lift the freeze temporarily.

Even with a freeze in place, certain people will able to access your credit file—including yourself, existing creditors, landlords in connection with a rental application, and employers if they have your written permission and are allowed to by state law.

A freeze won’t prevent you from applying for financial aid or getting federal Stafford student loans, but you will have to lift it to access federal Direct PLUS or private student loans, according to Shannon Vasconcelos, director of college finance for Bright Horizons College Coach.

Update your software.

Update your operating system and security software immediately when prompted; the update may patch security holes that have been discovered. “It’s a race between the thieves who know what the vulnerabilities are and you patching them,” Velasquez says.

Rein in social media.

Don’t take online quizzes or post personal information on social media that could help thieves guess your passwords or answer security questions, such as your birthdate, your pet’s name, or photos of your first car.