Each SU NetID owner will be assigned a password expiration date based on their last password change.
New password management measures include
- You can change your SU NetID password at any time before it expires. Your password expiration date is set one year out from the date you change your password.
- 30 days before your password expires, ITS sends to your official SU email address a warning that your SU NetID password will expire on a specific date.
- Warning notifications will not request your credentials and will not include links to pages that request your credentials. Always use your browser to navigate yourself to SU web sites. Never use links within emails because hackers can easily duplicate the look of SU web sites.
- Go to MySlice and follow the link to Change NetID Password.
- If you don’t change your password, you will receive additional warning notifications in advance of your password expiration date. Warning notifications will stop once you change your password.
- Accounts with unchanged passwords will be disabled on their expiration date. Password expiration and account disabling will occur every day, including weekends and holidays.
- If your account is disabled you will not be able to log into your SU desktop (including via SURA/VPN and Remote Desktop), MySlice, Blackboard, SU email (including SUMail and Outlook Web Access), AirOrangeX, or any other University systems. Your mobile devices will no longer be able to connect to the University’s networks or resources.
- If your account is disabled, you will need to contact the ITS Help Desk during regular business hours to have it re-enabled.
- If you change your password more often than once a year, you will not receive any warning notifications.
I changed my password, but now I can't log in! Why is this happening?
It is likely due to a temporary account lockout. This happens when an incorrect password – in this case, your old password – is used repeatedly in a brief period of time. Certain devices store passwords. Some try to use it continually, resulting in an account lockout. Other devices will simply give up or display a request for a password.
The solution is to locate saved passwords and remove or update them and perform a fresh login. Here are some examples of devices with stored passwords:
- Off-domain PCs & Macs
- Mapped drives and printers
- Email clients that connect to Exchange email system (phones, tablets, third party mail clients)
- Saved passwords in web browsers
- Saved passwords in WiFi configurations (AirOrangeX)
- Saved passwords in VPN configurations (phones, tablets, Macs)
- On-domain PCs, Macs, Servers
- Saved passwords in web browsers
- Currently logged on sessions (computers, terminal servers, remote application presentation)
Why do I have to change my password every year?
“Routinely changing your password significantly reduces the window of vulnerability if your password is compromised without your knowledge,” says Christopher Croad, the University’s information security officer. “Not only is changing your password quick and easy, it’s one of the most effective ways for you to protect the University’s--and your own--confidential information.”
It's good security practice to protect your and the University's information. Passwords are proliferated across systems and become vulnerable the longer they are in use. Passwords can be stolen without your knowledge and can be used to access your data or to pose as you in criminal activity. When you are no longer affiliated with SU, the eventual expiration of your password is a sure sign that you are no longer using the account. This allows us to disable the account so that it can't be hijacked.
Who is affected by the new policy for compulsory password change?
Everyone! That is, everyone who has an SU NetID.
How can I find out when my password will expire?
You will be notified by email starting 30 days prior to the expiration date. If you are concerned that you will not be connected to email for some duration in the coming year, change your password so that the expiration date will be set to one year from that day.
Do I have to wait until I'm notified to change my password?
No. You should change your password anytime you think someone might know it. Plus, you can change it anytime you want to. Just go to http://its.syr.edu/netid/ and use the link to Change your Password.
How do I know the email I received about changing my password isn't spam?
Our notifications do not contain hyperlinks to any web sites, and will not ask you to do anything you shouldn't do. This will help you identify them as legitimate University communications.
Can I change my password expiration date?
Only by changing your password, at which time your expiration date will be set to one year from the day you changed your password.
How do I change my password?
Go to http://its.syr.edu/netid/ and use the link to Change your Password. However, once your password expires, you must contact the ITS Help Desk to have your account re-enabled before you can change your password.
Alternatively, you can use the link on MySlice.
Will my new password be copied automatically to other systems and devices?
Not in all cases. Most SU systems, including MySlice, Blackboard, OnBase, your SU desktop, and ITS computer lab workstations, will recognize your new password automatically. Some systems have a separate password, such as Hyperion (database connections), UC4, Versatile and R25. Devices with full disk encryption also use a separate password. Test instances of enterprise systems such as Peoplesoft use a separate directory for login ("test ldap"). If you prefer to keep the passwords for these systems in sync, they need to be changed separately.
Wireless devices such as smart phones and tablets may require that you logoff and then logon with your new password; some devices may require that you change your password in the Settings menu. If you use a third-party or device password manager (e.g., Apple Key Chain, LastPass, KeePass) you will most likely be prompted to change the saved password to the new password the first time you log in with the new password.
What happens if my password expires?
When your password expires your account is disabled and you will not be able to log into your SU desktop (including via SURA / VPN and Remote Desktop), MySlice, Blackboard, SU email (including SUMail and Outlook Web Access), AirOrangeX, or any other University systems. Your mobile devices will no longer be able to connect to the University’s networks or resources. If you need to continue use of your SU NetID after expiration, you will need to contact the ITS Help Desk to request that your account be re-enabled.
I think my password may have expired because my SU NetID doesn't seem to work anymore. What do I do?
You need to contact the ITS Help Desk to request that your account be re-enabled. Before your account is re-enabled, the staff will ask you a series of questions so they can be sure you are who you say you are. They will also walk you through changing your password, because if you don't your account will become disabled again.
If you have separated from SU (e.g. left your job or graduated) and no longer need your SU NetID, you don't need to do anything.
When exactly do passwords expire?
Passwords expire every day, even on Sundays, holidays, and vacations. When you are notified that it's time to change your password, please do so promptly. While your final warning notification indicates that your password will expire at "midnight", expiration actually occurs at about 7:30 a.m. ET the next morning.