Passphrase Change Campaign

As part of the ongoing effort to improve privacy and computer security, UC Davis is requiring all campus computing account holders to upgrade their Kerberos passwords to passphrases. New federal minimum passphrase strength requirements are the impetus for this change. Existing campus password standards, implemented more than 20 years ago, fail to meet these federal requirements. See the campus directive for additional information.

The Difference Between Passwords and Passphrases

Passphrases are used for the same purpose as passwords -- to gain access to secure systems. However, unlike passwords, passphrases allow you to use spaces, a string of dictionary words and more characters. Passphrases allow more flexibility while providing a higher level of security than passwords.

Passphrase Strength Requirement at-a-Glance

To meet the federal passphrase strength requirement, campus Kerberos passphrases must be at least 12 characters long. The actual number of characters required to meet the standard will depend upon the characters used, but samples of passphrases that meet the requirement are:

I Love My Dog.
Aggie for life!
FALL Quarter 2010

For more information, see How to Protect Passphrases and Passwords.

When to Upgrade to a Passphrase

Everyone will have to upgrade to a passphrase by early December 2010. Beginning in October 2010, passwords will be systematically expired. However, waiting until passwords expire is not recommended, as this could result in a temporary loss of access to campus services, including but not limited to MyUCDavis, SmartSite, MyTravel, MyInfoVault, Kuali Finance System, UCD Buy, UC Learning System and Clinical Resource Center (UCDHS).

To upgrade now, go to, select Change your passphrase and follow the instructions. Or, choose Check new passphrase strength to first check the strength of a passphrase you want to use.

Online Passphrase Reset

When you upgrade to a passphrase, you will also need to set the security questions/responses needed to facilitate an online passphrase reset if you have not done so previously. The online passphrase reset enables you to set a new passphrase 24/7 without contacting the IT Express Computing Services Help Desk or your departmental technical support.

Supplemental content

Tools for Campus Account Holders

Passwords expire by the first letter in the login ID. Log in to find out when your group is scheduled to expire. NOTE: This tool will not tell you if you have upgraded or not.

Computing Accounts Web Site

Go here to:

Set up a new passphrase

Test passphrase strength

Update passphrase challenge questions

How to Protect Passphrases and Passwords

Information to help you create a passphrase.

Departmental Account Proxy List

A list of registered account proxies for each campus department.

Tools for Technical Support Staff

Log in to see the complete password expiration calendar. The calendar shows when each group is scheduled to expire.

Passphrase Flier/Poster

Print and post this PDF in and around your office to remind people to upgrade.

Proxy Resources

Information and instructions related to the UC Davis account proxy program. Proxies are career staff members who are authorized to verify, for their department, an account holder's identity for the purpose of a passphrase reset.

Account Detective

Enables you to see if someone's password has expired and if a new passphrase has been set.

Weekly Status Reports

Technical support staff will receive weekly reports stating who within their designated department code has and has not upgraded to a passphrase. Contact with questions.