Your single sign-on (SSO) password will expire:
- One year after the password was last updated
- If if we identify that the password is known by someone else
Your SSO password can be updated through the SSO password management pages.
Automatic expiry
Your SSO password expires automatically after one year.
Most Oxford SSO accounts can be used to access at least one business system, for which auditors recommend a password expiry period of 30, 60, or 90 days. We feel that expiry periods this short are likely to introduce weaker passwords and other negative effects, therefore use a period that roughly matches our annual business cycle so that improved assurance of security is realised without overburdening people with password management.
Your current SSO password expiry date is shown on the self-registration home page, you will start to receive notifications three weeks before this date.
Manual expiry
Your SSO password will be expired manually if we identify that it is known by someone else.
You must not share your password with anyone and you must update it if you think that someone else may know it. Your password may also be compromised for other reasons such as from malicious or flawed software, if the same password is used on other systems, or if it is not properly deleted from a computer before it is sent for repair, sale or recycling.
