Whilst most of us continue working remotely off campus, we still need to regularly change our University password. It is University of Birmingham policy for passwords to expire after roughly 6 months (180 days) and the main reason why we do this is to prevent continued use of stolen passwords that have not been detected.
Passwords can become compromised after being stolen using a variety of techniques; these include phishing, malware and in some cases the use of hardware devices. By regularly expiring passwords it means that if a password is stolen it can only be used for a limited period of time. You can find out more about why University passwords expire at https://kb.bham.ac.uk/kb12938.
Changing your password whilst working remotely
If your password is due to expire, you will receive an email from IT Services letting you know when this is going to happen. Once you receive this email, we recommend that you change your password when it is convenient, but before the expiry date. We will remind you every day for 28 days or until you change your password (whichever happens sooner).
If you are working remotely on a University managed laptop, we strongly recommend that you sign in to the Remote Access VPN before changing your password. This will ensure that your new password is synchronised across your device and all other services. You can find guidance on how to do this in our Knowledge Base article https://kb.bham.ac.uk/kb14923.
For all other situations where you are working remotely (e.g. using your own personal device) then you can find information on how to change your password using the University’s My Password service online at https://intranet.birmingham.ac.uk/it/services/My-Password.aspx.
Don’t forget that once you have changed your password you will need to update any other devices such as mobile phones, tablets etc. that will have your old password saved.