Information Technology Services
UCOP Windows Password PolicyTo safeguard electronic information resources, ITS has instituted the following password policy for the Windows Active Directory (AD). The policy applies to your Windows-based computer, Outlook e-mail and calendar (including Outlook Web Access), and VPN services. This policy will be enforced when new passwords are created.
- Passwords must contain a minimum of 8 characters.
- Passwords must be 'complex'. Complex passwords
- Are difficult to ascertain (do not use such simple words as "password," "welcome," or "hello")
- Do not include three or more consecutive characters from the user name
- Contain characters from at least three of the following categories:
uppercase letters (A - Z)
lowercase letters (a - z)
- Base 10 digits (0 - 9)
(!, @, #, $, %, ^, &, *, (, ), -, +, <, >, ?
- Passwords must be changed every 180 days. You cannot change your password to any of the past 10 passwords you used.
- If you incorrectly enter your password more than 5 times in 10 minutes, your account will be locked. When your account is locked, you will not be allowed to log in until 30 minutes of inactivity on your account has elapsed. After 30 minutes of inactivity, your account will be automatically unlocked. The only way to have your account unlocked sooner is to contact Technology Service Desk to have your password reset.
- Any password reset by the Technology Service Desk will be pre-expired, meaning you will be required to change the password upon the first logon.
- If you do not use your password in 180 days, your account will be considered inactive and will be locked. You will need to request a new password from Technology Service Desk to log onto your computer. To prevent this, we recommend that you change your password before you leave the campus for an extended period of time, such as extended sabbaticals or vacation breaks.