Please note you will need your IT credentials before you register online as a new student. You'll receive an email with instructions which you will need to follow and if you do try to register before you have them, you will get an error saying that your credentials have not been recognised.

Why do you need to retrieve your IT credentials?

As a new student, you are issued with a Loughborough University username and email address and asked to set a password. This is your University IT account which allows you to connect to university online services and IT systems, such as the campus Wi-Fi and wired networks, your University O365 account including email, LEARN, Library systems, computer labs and print services and much more.

Once you have retrieved your IT credentials you will be required to set up Multi-Factor Authentication on your mobile device.

Multi-Factor Authentication (MFA) is required when accessing University online services and IT systems remotely. Install is quick and easy with the Duo Mobile app – see Step 6.

Follow the step-by-step guide to retrieve your IT credentials.

IT Security

You are responsible for any actions taken using your login details; therefore, it is important to keep your username and password secure.

By using our services, you agree to be bound by the Loughborough University Acceptable Use Policy.

The University has a range of systems and processes in place to help keep you safe online, but there are a few simple steps you can take to help protect your personal data and University account from viruses, spam and phishing attempts:


Protect your personal information by creating strong passwords for your University and personal accounts to keep them secure. For security reasons, we do not recommend writing your password down.

Never reuse your Loughborough email address and password to register for other online services – if any of those other sites are compromised, criminals may then have access to your University IT account.

Remember to ensure the password you choose is complex, difficult to guess, and follows the following rules:

  • 12 or more characters in length
  • MUST contain at least three out of the following four:
    • Uppercase letters
    • Lowercase letters
    • Numbers
    • Non-Alphanumeric characters (!"£$%^&*)
  • NOT contain any personal details - this includes your name or IT username in any format e.g., @Jonathan123 or @ITStudent123

Passwords can be changed by logging on to a University Computer and then pressing CTRL+ALT+DEL and clicking on Change Password.

We strongly recommend you enrol in the Password Reset System. This will make it easy for you to change your password, especially if you forget it.

Phishing emails

Only open emails and attachments from known and trusted sources. Never give personal or sensitive details out online or over email.

Types of email scams that attempt to obtain sensitive information such as usernames, passwords, bank account details and credit card numbers, may present as:

  • Imitating as official University emails, such as campus security, IT Helpdesk or HR/Payroll with a link requesting you to log in with your username and password
  • Organisations requesting confirmation of bank details
  • Claims that bank details have been compromised, or claim that you have been awarded a grant, entitled to a refund, rebate, reward, discount or donate
  • Asking you to reset your social media account password and username

Several signs to spot if they are fake:

  • Contain generic greetings such as 'Dear Bank Customer' or 'Dear Email User'
  • Contains poor spelling and grammar
  • Claim to offer something that is too good to be true, for example, “Congratulations You are a Winner…”
  • Suspicious link embedded in the email

If you are unsure whether an email is genuine, do not click any links in it, open any attachments, or reply with any personal information. If you receive suspicious email, please forward the email to

Financial fraud

Do not give your bank information to anyone or any website that you do not trust. Loughborough University will never ask you for your bank or sign in details via email.

  1. Never disclose security details, such as your PIN or full password - it’s never okay to reveal these details.
  2. Don’t assume an email request or caller is genuine - people aren’t always who they say they are.
  3. Don’t be rushed – a genuine bank or organisation won’t mind waiting to give you time to stop and think.
  4. Listen to your instincts – if something feels wrong then it is usually right to pause and question it.
  5. Stay in control – have the confidence to refuse unusual requests for information

For more information, visit the Financial Fraud Action UK website.

Safe browsing

Look for the padlock icon in the address bar when paying for goods or services online – it means the website is secure however check the URL for inconsistencies. If you cannot see a padlock icon in the window of a web login screen do not log in!

For a University online service, the web address will begin with the https - the s is very important: if it is absent do not log in!

Check the address starts with https:// whenever you’re asked to enter sensitive information online.

Please note: The latest version of Chrome does not show https or www for encrypted sites. It only shows the padlock. To see full URL, just click into the address bar to see full display of URL name.

Avoid using public Wi-Fi hotspots that are not secure or ask you for personal information to access it.

For more information on staying safe online, including top tips, helpful videos and the Acceptable Use Policy (AUP), please visit the IT Services website.

Contact us

If you are having problems retrieving your IT credentials using the link above, need advice on where to find your application/UCAS ID or are having issues installing the DUO Mobile app, please contact IT Services.