IT Services passwords

Change your password / Reset a forgotten password

Your SSO account password has a lifetime of one year.  You will start to be prompted to change it three weeks before it is due to expire.

• If you know your old password you can use it to set a new password.
• If you have set your security questions you can reset a forgotten password.
• If you have not done so already, you are strongly encouraged to set your security questions.
• If you have forgotten your password and have not set security questions, or provide 3 incorrect responses to your security questions, you will need a rescue code.
• Your local IT Support Staff can provide you with a rescue code.
• The central IT Service Desk can send a rescue code to your registered alternate email address, or by University messenger to your primary college or departmental address.

Password rules

The rules the Single Sign-On password must follow are that it:

• is a minimum of 16 characters.
• must not be a dictionary word or a name.
• must be different from, and not based upon, your Oxford username.
• must not be a previously used password.
• must differ from the previous password by at least three characters.
• must contain at least 5 different characters.

Your SSO password is used to access a number of services including:

• Nexus 365 email and the Nexus365 portal.
• Virtual private network (VPN)
• Canvas, virtual learning environment.
• IT Services Self Registration, for managing accounts and software downloads.
• the CoSY course booking system.
• the GNU/Linux service.
• some department and college facilities.

Further SSO details can be found on the Oxford Username and Single Sign-On page.

Change your password

Your Remote Access password's expiry date is set to your University card's current expiry date whenever the password is changed.

• Your Remote Access password can be created or updated through your Self-Registration pages.

• The new password will become active within 15 minutes.

Password rules

The rules the Remote Access password must follow are that it:

• must include at least one character from three of the following:
  • Lowercase letters (a-z)
  • Uppercase letters (A-Z)
  • Digits (0-9)
  • Punctuation characters (such as &'^!."[,]-+)
• must contain between 10 and 24 characters.
• must contain at least five different characters.
• must not contain backslashes, backticks, spaces, single quotes or double quotes.
• must not be a dictionary word or a name.
• must not be a subset or superset of your current password.
• must not be based on your SSO username.
• must not be the same as your SSO password.

To log in, use your Oxford username in the format of abcd1234@OX.AC.UK

A Remote Access account is used to access:

• the eduroam WiFi service

To use Remote Access, you use your Oxford username and your Remote Access password.  A Remote Access account can be created or the password changed through the Self-Registration pages, with any status queries clarified on the card entitlements page.

Further details can be found on the Remote Access Account page.

Change your password

Your CONNECT password will need to be changed every 12 months.

• Read our guidance on how to change your CONNECT password
• You can also unlock your CONNECT account or reset a forgotten password using the CONNECT password manager when connected to the Oxford network or using the VPN

Password rules

The rules the CONNECT account password must follow are that it:

• must contain at least 16 characters.
• must not have been used as one of your previous 24 passwords.

To log in, use your Oxford username (without @OX.AC.UK after it)

A CONNECT account is used to access:

• managed staff desktops, used by staff in UAS and GLAM
• the remote desktop service
• HR Reporting
• Casewise
• GoPro
• X5