UC San Diego SearchMenu

Annual AD Password Reset

UCSD Faculty, Staff and affiliates must change their Active Directory (AD) password annually.

Why do we have an annual password reset?

  • Password hashes can be retrieved from compromised computers and used to authenticate to systems over the network. Resetting your password changes this hash value, and reduces the risk having your account compromised.
  • UCSD has elected to enforce a minimum change interval of 1 year, and recommends shorter intervals as low as 90 days for computing environments that process sensitive info or are subject to regulation.
  • There are also various policies and regulations that must be considered. For example, the PCI DSS requires a change interval of 90 days.
  • An annual password reset is also a very valuable account inventory and cleanup process, and encourages the review and deletion of old accounts.

How do I change my Active Directory (AD) password?

Contact your local IT support team for the preferred method for changing your AD password. The following methods are available:

Online Reset Tool

Visit http://password.ucsd.edu to reset your password using several possible options, including using your existing password or providing your personal ID information.

Student Password Change Request

For Students Only - https://acms.ucsd.edu/students/gpasswd.html

Windows Password Change

Press CTRL-ALT-DEL keys concurrently and select "Change Password". Not recommend for remote or offsite users.

Exchange Email Users (Campus)

You may reset your password by logging into the webmail system by visiting https://mail.ucsd.edu/ in your Web browser. Click on Options in the upper right, then choose Change Password.

Exchange Email Users (UCSD Health)

You may reset your password by logging into the webmail system by visiting https://hsmail.ucsd.edu/ in your web browser. Click on Options in the upper right, then choose Change Password.

Additional Notes and Recommendations

  • See the Password Security page for info on password requirements and best practices.
  • If you need further assistance, your local departmental IT group or sponsor (PI, etc.) can assist you in resetting your password.
  • You will not be able to change your password to a previous password. 
  • Avoid password “transformations” where a password is altered only slightly in order to meet the requirements of changing a password. If a password is compromised, this makes it easy to guess the transformation and future passwords.
  • Be sure to update your mobile devices with your new AD password for continued access to email and the campus wireless network.
  • The use of password vaults (such as LastPass, KeePass, etc.) may be encouraged to simplify password management - check with your local IT support.
  • Multi-factor authentication technology is recommended for additional security.

Note: this page has a friendly link that is easy to remember: http://blink.ucsd.edu/go/ad-reset

Departments

IT Services