---

Setup Forgotten or Expired Password service (One time only):

• Configure the Forgotten or Expired Password service using Virtual Office
• Configure the Forgotten or Expired Password service using a Windows computer with the Novell Client Installed

If for any reason you forget your answers to the challenge questions or wish to change them, you can change your responses (if your password is currently known):

• Change my responses to the challenge questions using Virtual Office

---

I know my password, but I want to change it:

• Change my NetID password using Virtual Office
• Change my NetID password using Mac OS X
• Change my NetID password using Windows 2000/XP Pro with Novell Client Installed

---

I've forgotten my password or it has expired and I want to change it:

NOTE: This functionality is only available if you have previously configured the Forgotten or Expired Password service.


• Use the Forgotten or Expired Password service in Virtual Office
• Use the Forgotten or Expired Password service from a Windows computer with the Novell Client Installed

---

Where can I go to have someone else change my password?

Passwords can be reset by the Distributed IT Support Staff and at the following locations (You must present your Campus ID or a current photo ID):

• OIT Help Desk - 2311 Pioneer Student Center
• ResNet/University Centers Network Support - 122 Royce Hall
• Bears Den Lab consultant - 2308 Pioneer Student Center
• Karrmann Library GCA Lab consultant - Main Floor East, Karrmann Library

Why do I have to be so careful with my password?

Passwords are the primary defense and front-line security for your data. If someone obtains your password, they have complete access to your account, your data, and to ALL the system privileges you have. You must not share your password because you are responsible for all actions taken by anyone with whom you share your password.

How do I select a good password?

A good password needs to be easily remembered yet difficult for another user or password cracking program to guess.

• Length is important. A longer password provides greater security. Generally there is not need for a password with more than 14 characters.
  
• Mix it up. Use letters (a-z), numbers (0-9), and special characters (!@#$%^&*-=+). Do not use spaces in passwords, as some programs will strip out the spaces and not allow access to your account.
  
• Use an acronym. "My Dog Ate All The Cat Litter Again" could translate into "MD8ATCLA". These type of passwords are easy to remember from the phrase, yet a casual observer would have a hard time remembering it.
  
• Use misspelled words.
  
• Combine two words. "Binder Aardvark" could translate to "bin+aardv"

What are some bad password practices?

• DO NOT WRITE YOUR PASSWORD DOWN. Post-It™ notes on your computer monitor, in the top of your desk drawer, or under your keyboard defeat the purpose of having computer security. The key is to choose a password that you can easily remember without having to write it down.
  
• Do not use your login name or any variation of your login name (smith2003, htims, smithsmith, ...)
  
• Do not use any name associated with you or your family (middle name, maiden name, name of spouse, name of girl/boyfriend, kid's name, pet's name, street name, city name, name of favorite celebrity, name of favorite sports team, name of favorite movie, ...).
  
• Do not use any information about yourself that is easily obtainable (street address, telephone number, license plate number, social security number, ...)
  
• Do not use the same password for your Internet accounts (HotMail, eBay, Facebook, ...) that you use for your UWP computer systems. If you password is compromised on any of these systems, it can easily be compromised on all of your systems.
  
• Do not use any common word that is in a dictionary or any common names including brand names.
  
• Do not simply add a number to the end of your password when you change it (SMEOID11, SMEOID12, SMEOID13, ...)
  
• Do not re-use computer passwords.
  
• Do not use the "Remember My Password" feature of applications (such as e-mail clients) or web sites.
  
• Do not share your password. Passwords are part of your digital identity and control access to University information similar to how a key grants you physical access. Just like a key, a password is assigned to you, is meant for your use only and should not be shared with others or left unguarded.

What should I do if I believe someone has stolen my password?

Immediately change your password. If you do not have access to your account, contact the OIT Help Desk or a lab consultant and ask them to reset your password. Remember that you will be asked to show your campus ID card before they will reset your password. Report any known or suspected compromises of your passwords to the OIT Help Desk (342-1400).

What methods for changing my password don't work?

DO NOT change your password with any of the following clients. They do not set the NetID (eDirectory) password consistently and may affect your ability to utilize certain services.

• Windows 2000/XP with a NetWare client older than version 4.90 SP2
• Windows 98/ME with any version of the NetWare client

Is my eDirectory password case-sensitive?

Yes, eDirectory passwords are case-sensitive.