Passphrase expirations are coming to IU. Are you ready?
Starting September 10, IU will phase in expirations for any passphrase that is more than two years old. This change will apply to all students, faculty, and staff at IU’s eight campuses.
If you don’t change your passphrase by the deadline, you will immediately lose access to CAS-supported resources such as OneStart, ePTO, Oncourse, and Student Information Services. But don’t fret! Passphrase expirations will be enforced only via CAS, IU’s Central Authentication System. Network IDs will not be locked or disabled – meaning you will still be able to log in to non-CAS services, such as workstations, email, and VPN.
Why is this happening?
It’s pretty simple — old passwords and passphrases can jeopardize the security of personal and university data. Passphrase expirations help protect this data against hacking and misuse.
Why will passphrases expire every two years?
Some people think of passphrases as the keys to your car. Instead, think of them as oil for the engine. You can have one car key for a lifetime, but you need to change the oil periodically for optimal performance. The same goes for passphrases.
UITS’ official recommendation is to change your passphrase annually, which is similar to the recommendation of changing oil every 3,000 miles. Does 5,000 miles hurt? No. But 20,000 miles, or 4-5 years for a passphrase, is pushing it. However, two years is an ideal balance for keeping your data safe.
How do you change your passphrase?
You can reset your passphrase at any time with the Self-Service Passphrase Reset tool at: http://passphrase.iu.edu
Having trouble? Visit your campus Support Center:
Learn more about mandatory passphrase expirations at: