Skip to Main Content
Information Resources & Communications

Password Management: Frequently Asked Questions

  1. How do I change my password?

    There are a couple of ways to change your password:

    For Windows users in the office:

    • While logged on to your computer, hit the CTRL+ALT+DEL key combination. There will be a button for "Change Password." Enter your old password and then enter the new password twice to confirm.
    • Your existing password expires, in which case you will be prompted to enter your old password and then to enter your new password twice (to confirm) before you can log on.

    For Windows users out of the office and for Mac users:

    • Follow these instructions for using Outlook Web Access (OWA) to change your password.

  2. How often do I have to change my password?
    You will be required to change your password every 180 days.

  3. If my current password does not meet the required password policy, will my account be locked?
    No, your password will not have to meet the requirements until the next password change you make.

  4. I'm having problems logging in. How can I find out if my account has been locked?
    Currently the only method is to contact the Technology Service Desk. We hope to have a way of checking this online soon.

  5. What is the Windows Active Directory account?
    Active Directory (AD) is Microsoft's trademark name for a structured repository or directory of information on IT accounts and resources in an organization's Windows environment. By incorporating UCOP employees' IT accounts into this directory, IR&C is able to centrally manage the Windows environment, achieving greater security, policy compliance, and enhanced communication with users. Your UCOP Active Directory account is the username and password combination that you use for your Windows-based computer, Web e-mail (Outlook Web Access), and VPN services.

  6. I'm having problems changing my password, what's wrong?
    Make sure that you are entering a minimum of 8 characters for your password, and that, since passwords are case sensitive, you are typing it properly without the CAPS LOCK key on.

  7. What's a good way to keep track of or remember passwords?
    There are many tricks and strategies for memorizing passwords, one of which may be more suitable for you than another. Here are some practical ways of memorizing multiple passwords:
    • Create a "vanity plate" password phrase. This is a good option if you don't have a lot of passwords to remember. Choose a favorite song, book, or short phrase, and translate it into something that is easily memorized.
      • Eight Days a Week becomes "8Dys@Wk!"
      • Let's Stay Together becomes "Lts$A2Gtr."
      • The phrase Hard to Crack becomes "Hrd2Cr@k!"
  8. Use mnemonics. Somewhat similar to a vanity plate password phrase, mnemonics are memory aids used to remember items. In high school, you may have used the mnemonic, "My Very Easy Memory Jingle Seems Useful Naming Planets," to remember the planets: Mercury, Venus, Earth, Mars, Jupiter, Saturn, Uranus, Neptune, and Pluto. For your password, you may want to choose a phrase or verse and translate it into a password. You could also create a password phrase that expresses an opinion or relates to something important to yourself. The key is to make it simple enough that you don't have to think too much about where you abbreviated a word or inserted a symbol. This is a good option if you don't have a lot of passwords to remember.
    • "I like to eat at Red Lobster" becomes "Ilik2e@RL"
    • "This is my Amazon password" becomes "Th$My@mz0n"

  9. Are there other ways of securing my passwords in case I can't memorize them?
    It's best to try to keep your passwords in your head:
    • Don't write your passwords down on notes on or near your computer.
    • Don't store your passwords on your computer unless they're encrypted.
    • Don't keep a hard copy file folder of your passwords.
    • Don't give your passwords to others; not anyone. Recent news stories have highlighted how easily people will reveal their passwords, even to complete strangers. Human error continues to be the number one reason that sites are cracked, so be smart and don't share your passwords with anyone.

  10. How can I check to see if I'm using a strong enough password?
    The "check" will be that our AD Directory will not accept a password that does not comply with this policy's security standards.

  11. What does phishing have to do with passwords?
    Hackers try to trick people into giving away their passwords and other personal information by sending fake e-mail messages that appear to be from familiar Web sites such as eBay or a local bank. Because the e-mails look official, some people provide the requested information. Keep in mind that IR&C will never ask you to reveal your password.

  12. What should I do if I think someone has obtained my password?
    If you suspect an account or password has been compromised, report the incident to the IR&C Technology Service Desk and change all your passwords.

  13. For what logins does the password policy apply?
    At the present time, the password policy only applies to the Windows environment. It applies to the password you use to access your Windows-based computer, Web e-mail (Outlook Web Access), and remote access via VPN services.

  14. How do I get my password reset?
    Call (510) 987-0457 or and provide your employee ID number. They will verify your number and then reset your password. Managers can request a password reset on behalf on an employee, but must provide both the employee ID number of the individual needing the password reset and their own employee ID number. The full password reset policy is here: http://www.ucop.edu/irc/policy/ucop/pwreset_procedure.html

Please submit your questions, comments, and suggestions at feedback.html