University of Toronto Logo

Information + Technology Services
Small normal big
  • Menu

New UTORid Password Policy

Information Technology Services is pleased to announce an improvement to the UTORid password creation policy effective Wednesday, September 16, 2015.

New UTORid Password PolicyTo strengthen the security of UTORid passwords, the Information Security and Enterprise Architecture (ISEA) team will no longer restrict passwords to eight (8) characters.

Users can now choose passwords between 10 and 32 characters, opting for longer passwords that are easy to enter on mobile devices, or shorter, more complex passwords that are quicker to enter at their Desktops.

Users are not required to change current passwords until they choose to do so.

The rules that a user may choose from are demonstrated in the diagram below:

What kind of password do you want? Follow the rules below when creating your new password.

Type No. of characters Character sets Examples
Short 10-15 3 or more sets Ex@shorTest
Intermediate 16-19 2 or more sets ShortJustTwoSets
Easy to type 20-32 1 set (or more) examplelongerbuteasy

Recommendation: Use 4 random words for a long password

Permitted Character Sets

lowercase: a – z

uppercase: A – Z

numbers: 0 – 9

symbols: + – ~ ! @ # % & ( ) . < > ? ; [ ] { } _ ^ = | / (space not allowed)

 

UTORid Password Policy Frequently Asked Questions:

Do I have to change my password to meet the new minimum ten (10) character requirement?

No. Users may continue to use their current eight (8) character UTORid password. The new rule will only apply if the user decides to voluntarily change their password or if the password is forgotten and requires a reset.

We encourage all users in the community to regularly change their passwords and take advantage of this new feature to strengthen their password.

How do I change my password?

Users who wish to voluntarily change their password may go to the UTORid Account Management page at https://www.utorid.utoronto.ca/ . Please note that users will need to know their existing password to change their password with the new rules.

  1. Go to the UTORid page https://www.utorid.utoronto.ca/
  2. Click on the “Change your password” link under the Account Management section
  3. Input your UTORid and existing password
  4. Click “Authenticate”
  5. Scroll down to the Password section and create a new password according to the instructions
  6. Click “Submit the modification request”
What other password services are available?

Information Technology Servies also released a new UTORid Account Recovery (password reset) tool for faculty, staff, students and alumni. We encourage the community members to sign up for the new service to enable easy password reset via alternate email or SMS (text) in the event the password is forgotten.  For more information on this service, please go to the UTORid Account Recovery announcement or service page.