Updated UCOP password requirements take effect March 26
March 26, 2024 •
Editor’s note: After the publication of this article, the implementation date for this project was updated to March 26 (from April 2). The article below has been updated accordingly.
As part of our ongoing efforts to strengthen UCOP’s security protocols and to improve compliance with PCI Data Security Standard 4.0, ITS will be updating the policy governing user passwords for Active Directory (AD) logins. The changes will align our practices with industry standards and help to protect sensitive institutional and employee information.
The new password policy will take effect March 26, 2023.
Existing and updated password elements
The next time you update your AD password, the changes below will apply.
| Current | New | What’s Changing | |
| Password length | Min. 8 characters | Min. 12 characters | Add 4 more characters _________ |
| Complexity | Must contain upper case, lower case and special character | Must contain upper case, lower case and number | Remove requirement for use of special character; add requirement for use of number _________ |
| Expiration | Expires every 180 days | Expires every 180 days | No change
_________ |
| Password filter | We don’t use this | Implement password filter to screen for commonly used words or phrases | Implement a password filter
_________ |
| Password history – reuse | Cannot reuse any of the past 24 passwords used |
Cannot reuse any of the past 24 passwords used |
No change
_________ |
| Password history – time between changes | Cannot change password more than once in 24 hours | Remove this restriction | Allow unlimited changes in 24 hours
_________ |
| Account locking | Account locked after 5 unsuccessful attempts in 5 minutes |
Account locked after 10 unsuccessful attempts in 5 minutes |
Allow 5 more attempts before account locks
_________ |
| Automatic unlocking |
Automatically unlock accounts after 60 minutes | Disable automatic unlocking
|
Accounts do not automatically unlock
_________ |
How to change your password
If you use a UCOP-owned PC laptop, please log in to VPN prior to changing your password. Simultaneously select the CTRL+ALT+DEL keys, then select “Change a password.”
If you are a Mac user, go to mylogin.ucop.edu to change your password. There is a one-time registration for this self-service. Get Mac instructions here.
Need help?
If you have problems changing your password or are locked out of your computer, contact the Service Desk at servicedesk@ucop.edu or (510) 987-0457.
Tags: cyber security, passwords, service desk
