Protect Your Credentials from Agentic AI

As agentic AI systems become increasingly capable of autonomous decision-making and task execution, it’s critical to understand the risks of sharing your login credentials—especially institutional ones—with these tools.


Why You Should Never Share Credentials with AI
Agentic AI may:

  • Store or reuse credentials in ways that violate RPI policy.
  • AI Agents may use your credentials in unintended ways or with unintended outcomes.
  • Interact with third-party services lacking institutional oversight.
  • Cause unauthorized access, data breaches, or compliance violations (e.g., FERPA, GLBA, GDPR).

 What You Should Do

  • Never input RPI credentials into AI tools unless explicitly approved by DotCIO.
  • Use Single Sign-On (SSO) where available and avoid personal or trial software for institutional work.
  • Report any suspected misuse or credential exposure to the Information Security team immediately.
  • Never approve MFA/DUO authentication prompts for a session you did not initiate or cannot identify.


Rensselaer’s Cyber Citizenship Policy requires all users to:

  • Avoid sharing credentials with unauthorized systems or individuals.
  • Use RPI systems ethically and in compliance with institutional and legal standards.
  • Refrain from using unvetted or trial software on RPI systems, including AI tools that may not meet licensing or security requirements.

If your department or portfolio is considering AI or Agentic AI for a specific use case please reach out to DotCIO for futher review and support.

Division of the Chief Information Officer

110 8th St. Troy, NY 12180

(518) 276-7777

Staff Directory

Get Help


IT Service and Support Center
Back to top