DoIT would never ask you to send details of your username and password through email or any other means.
Occasionally DoIT detect emails sent to staff and students asking them to confirm their username and password. These emails are always fraudulent: the practice is known as "phishing". Despite their appearance, a closer look at the emails will show that they will not have been sent by DoIT but by someone fraudulently posing as DoIT. DoIT would never ask you for your password, for any purpose. Remember, your password is your secret. DoIT do not keep records of passwords.
The University's Regulations forbid you from sharing your password with anyone, including DoIT staff. DoIT will not ask you for your password over the phone, by email, or by any other means.
If you ever receive a request for your username and password details via email, NEVER RESPOND to it. Instead, just delete the email.
Unfortunately, a few individuals have responded to phishing attempts, and in one case the account details were used in an attempt to perpetrate financial fraud.Please protect yourself:
1. If you think you may have responded to a phishing email, change your password immediately using myUMBC.
2. Never disclose your password to anyone.
3. Avoid using the same password on different systems (external to the University).
In particular, be very careful with your University password, and with passwords that you use for financial systems, and for email systems.