EID Password Change Campaign: Details & Timeline

Why is this happening?

The UT EID system now supports the use of passphrases. Passphrases are much easier for users to create and remember and are much harder to be guessed or compromised by attackers. Also, the number of compromised campus accounts has dramatically increased in recent years due to persistent phishing attacks, advanced attacks from nation-state actors, etc. At the same time, while research has proven that it is not effective for individuals to frequently change passwords, it is important to avoid reuse of your EID password in other accounts (e.g., social media). There have been a number of instances where password reuse has led to UT account compromise. Lastly, the campus has made major advances in the use of multi-factor authentication using Duo and will be continuing to expand this capability. Duo has proven to dramatically reduce password compromises on campus over the last few months. 

 

Timeline

The ITS Identity and Access Management team (IAM) began the password change campaign beginning February 2019. The password change process was sucessfully applied to all person EIDs between February and May 2019. The next phase will focus on service EIDs in late July and August.