An Oxford username and Single Sign-on (SSO) password provides a high security username and password system. It also has a second factor authentication process once set up by the customer. This gives you access to many web-based services using one set of account details for authentication. It works with any web browser that supports cookies.
Your Oxford username is usually of the form abcd1234, where abcd is a code for your college or department to which you are first affiliated. It is administered by IT Services and is separate from any other local college or departmental accounts you may have.
Your Oxford username and Single Sign-On password can be used to log in and this will start a Single Sign-On session. Single Sign-On means that after your initial login, you can use associated services without having to re-enter your username and password.
Manage your SSO account takes you to the URL webauth.ox.ac.uk and is the service you can use to set up, change, or reset an expired password, and recover a forgotten password.
Oxford Single Sign-On is the only login page where you should enter your Oxford username and Single Sign-On password. You can think of the Single Sign-On as a central authentication system that is trusted by various services in Oxford to handle all the username and password checking so that each individual service doesn't need to do it for itself. Once you have entered your Single Sign-On details you will need to enter your additional authentication credentials to proceed. See Multi-factor authentication.
To end your Single Sign-On session ("logout") you will need to close your web browser (that includes quitting all running copies of your web browser).
Each person has a primary Oxford username and Single Sign-On password which is also known as the Oxford Account. This account will stay with a person throughout their time at the University, and will be re-used if the owner leaves and then returns within 5 years.
The generation of a University Card record is the trigger which initiates the Oxford account creation process. Once the account has been created it has to be activated, which is the process whereby a security question/answer and a password are set for the account. Please note that the password must not be shared with anybody else. The customer must then set up their Multi-factor authentication.
If your activation code has expired, please contact the Service Desk quoting the account name and your card barcode number, and the same code will be renewed for a further 30 days.
Facilities available through the Oxford account will be terminated at University Card expiry. See Finishing IT use at Oxford.
Please note that a change of affiliation or status does not result in the creation of another account. All we change are the Oxford email addresses. No paperwork or email is sent.
Account activation details will be sent by letter to new members of staff, visitors and part-time students at their college or department.
The letter will usually arrive within three working days after a University Card is received by a department or college. If it does not arrive please contact local IT support staff in the first instance.
Oxford SSO activation details are emailed to students in advance of their arrival at Oxford. The trigger for this is the process called Final C (this is the University process which confirms that the student has satisfied all the conditions and has returned their signed University Contract agreeing to abide by the University's rules). It culminates with the generation of a University Card record, which in turn causes a new SSO account to be created. For Michaelmas starters, this process begins on 1st July; for Hilary starters on 1st December; for Trinity starters on April 1st.
The email addresses used for this are those registered with Student Records. The quality of this data is a bit variable. Undergraduate applicants often use their school email address, which doesn't work once they have left school. Therefore, known school email addresses are not used to send out activation details. Working email addresses will be requested from college admission officers where necessary.
Some mail systems treat the activation email as spam, so it is worth looking in a mailbox's junk mail folder if the message has apparently not arrived.