New University Password Change Procedure 

Due to the ongoing rise of cyber threats, it is imperative to modernize the existing University password modification process.  In response to this issue and to align with our established security protocols, we are introducing a new procedure and approach that mandates all faculty, staff, and students to update their Active Directory password on an annual basis. We understand that this revised process may cause some disruptions, but it is an essential step in safeguarding our collective information assets.

Beginning November 1st, anyone who has not completed a password change of their Active Directory credentials in the past 365 days will receive emails to prompt a password change.  This email will NOT contain a link to redirect you, like may be seen in a phishing email,  but instead will direct you to for instructions to change your password.

In the future, all faculty, staff, and students will be expected to change their passwords annually, with reminders to be sent out via email starting 30 days before expiration.  

Remember that a password history will be kept for the previous five passwords, and usage of those passwords will not be allowed. University IT encourages password management tools and offers all faculty, staff, and employees a free premium account through Keeper. You can learn more about Keeper at . 

We realize this new policy will cause some inconvenience, but it is an essential step to safeguard our and your information assets. We appreciate your help in our ongoing information security efforts as we strive to be vigilant and protect our UR community from potential cyber threats.  

If you want to change your password before the emails are sent out proactively, follow these instructions for changing your password. (University network access or VPN required to access instructions.)  

If you have questions or concerns about this change, please contact the University IT Help Desk at or (585) 275-2000.