Beware of phishing attacks
©photos.com
If you receive an email from EPFL who ask you to update your EPFL password by email, be sure of one thing: this email does not come from EPFL.
EPFL e-mail adresses are often subject to phishing attacks, whose objective is to make you reveal confidential data. The DIT reminds you that it will never ask your passwords by e-mail, thus never answer to such messages.
The blog secure-it.epfl.ch/new list all current attacks of this sort. You should subscribe to the RSS feed, so that you can check dubious messages.
Be also cautious when messages ask for your bank account details, even if they seem to originate from trusted websites.