Update on Password Change Requirements

To better align with modern security practices, University IT will soon begin enforcing the University Password Policy that requires all faculty, staff, and students to change their UR Active Directory and NetID passwords annually.

Anyone who has not completed a password change of their UR Active Directory and NetID credentials as of 11/1/2020 will be receiving emails to prompt a password change. To avoid being confused with phishing messages that ask for credentials such as username and password, these emails will be very generic with no links. The emails will provide account information showing which password needs action and stating that you should visit tech.rochester.edu to get more information on changing your password as soon as possible.

Going forward, all faculty, staff, and students will be expected to change their passwords annually, with reminders to be sent out via email starting 28 days before expiration.
University IT does encourage the use of password management tools and offers a complimentary premium account through LastPass to all faculty, staff, and employees. You can learn more about LastPass here.

We realize that enforcement of the password policy will cause some inconvenience, but it is an essential step to safeguard our information assets. Thank you for your help in our ongoing information security efforts as we strive to be vigilant and protect our UR community from potential cyber threats.

If you would like to proactively change your password before the emails are sent out, please click here for step-by-step instructions. (Univerity network connection or VPN required).

If you have questions or concerns about this change please contact the University IT Help Desk at UnivITHelp@rochester.edu or (585) 275-2000.