Skip to main content

Changes to UMD Password Policies

Beginning on April 11, 2022, the University of Maryland’s Directory password requirements will change to reflect updated University System of Maryland IT security standards.

  • When you change your password on or after April 11, the minimum password length will be 12 characters instead of 8. To make your password easier to remember, consider using a passphrase or sentence instead of a single word. An example of a valid phrase is: “The green grapes have seeds.”
  • Passwords changed on or after April 11 will be valid for 365 days instead of 180. Special administration accounts will continue to be valid for 90 days.

Additionally, there have been two other recent security-related improvements.

  • The optional “Remember Me” feature in Duo MFA is now valid for each browser for 5 days rather than 24 hours. The change reduces MFA frequency for most systems; however, some systems will continue to require you to use MFA more frequently.
  • Registering a mobile device to be used as your verified phone can make self-service Directory password resets easier. The phone must be able to receive SMS/text messages. Once set up, should you forget your Directory password, you can reset it without contacting the IT Service Desk.

We appreciate your understanding of these changes. If you need assistance with your password or any UMD IT services, please contact the IT Service Desk.

Back to Top