New SU NetID Password Change Requirement starts Nov. 3

Monday, October 20, 2014, By Christopher C. Finkle

Starting Nov. 3, anyone with a SU NetID password will be required to change their password at least once a year. Password management is a fundamental security practice. At Syracuse University, this starts when someone becomes a member of the University community and establishes a strong SU NetID password.

IMG---Otto-Locked-laptop-400px“Routinely changing your password significantly reduces the window of vulnerability if your password is compromised without your knowledge,” says Christopher Croad, the University’s information security officer. “Not only is changing your password quick and easy, it’s one of the most effective ways for you to protect the University’s—and your own—confidential information.”

Boris Gresely, Student Association president, agrees. “Our students care about their security. I believe that once this threat is communicated, everyone will be willing to make the easy password change to protect the great work they’re doing,” he says.

Information Technology and Services (ITS), in collaboration with University leadership and the IT directors of the schools, colleges and departments, developed and will implement new measures to notify all SU NetID password holders when their passwords will expire, and, after several advance notifications, to disable accounts with expired passwords.

New password management measures include:

  • You can change your SU NetID password at any time before it expires. Your new password expiration date is set one year from the date you change your password.
  • 30 days before your password expires, ITS will send to your official SU email address a warning notification that your SU NetID password will expire on a specific date. The first daily notifications will be sent on Nov. 3. It may be several months before you receive a notification, depending on when you last changed your password.
  • Warning notifications will not contain working hyperlinks to any web sites. This will help you identify them as legitimate University communications. They will not be sent with a working hyperlink to the ITS Service Center email address, but some email applications that receive the email will automatically convert the address to a hot link.
  • If you don’t change your password, you will receive additional warning notifications in advance of your password expiration date. Warning notifications will stop once you change your password.
  • Accounts with unchanged passwords will be disabled on their expiration date. Password expiration and account disabling will occur every day, including weekends and holidays.
  • If your account is disabled, you will not be able to log in to your SU desktop, MySlice, Blackboard, SU email (including SUMail), AirOrangeX, or any other University systems. Your mobile devices will no longer be able to connect to the University’s networks or resources.
  • If your account is disabled, you will need to visit or call the ITS Service Center during regular business hours to have it re-enabled.

If you change your password more often than once a year, you will not receive any warning notifications.

A reminder to change your password, and a link to the password change page, has been posted on MySlice.

For more information about the SU NetID password change requirement, log in to Answers.syr.edu and search for “password change.”

If you need assistance changing your password, contact the ITS Service Center at help@syr.edu or 315-443-2677.