The UNM auditors have required that we enforce password changes on UNM NetID accounts. In addition, since the ITEL system was discontinued, we have needed a new way to allow students to reset their own passwords in the event that they forget a password. With these two issues in mind, changes are being made to password processing and reset for UNM NetIDs
Beginning 8/27, all UNM NetID users (all staff, students, and retirees) will be able to set up responses to challenge questions through a new NetID page. Once created, these responses can be used to authenticate a user and allow them to reset a forgotten password.
At the same time, new password management will take effect.
The new web page will provide access to all four NetID related activities:
These four functions will be available at http://netid.unm.edu This will replace the current page with that URL. The new page will be available 8/27.
The UNM NetID password format has been amended slightly:
—The dollar sign will no longer be allowed as part of the string, to remove a conflict with Banner passwords
—Passwords will need to comply with this format:
A password will expire six months after the last change to the password (or six months after the creation of a new account). On 8/27, we will start adding expiration dates to all existing LDAP accounts, using a batch process. The first expiration date for accounts will be 2/23/08.
Warning emails will be sent to the user’s preferred email address 30, 15, 7 and 1 day before expiration. If they reset their password at any time during this process, no further emails will be sent. The first email reminders will be sent on 1/24/08.
There is one other significant change to the way passwords are handled. Starting 8/13, LDAP will retain a password history for all accounts. Re-use of passwords will not be allowed.
The HSC/Hospital NetID is completely separate. These measures only relate to UNM NetIDs, stored in the central LDAP directory. These changes have no effect on the format, expiration or re-use of passwords for HSC NetIDs.