University-Wide Password Reset
The University of Alberta has begun an initiative that will have all CCID holders change their passwords. This process is going to be rolled out over several weeks to minimize the effect it has on our staff, students, and other stakeholders. This change is required to improve security and mitigate against the risks from the computer vulnerability known as the Heartbleed bug, identified in April. Although there is no evidence that any of our accounts have been compromised, we are taking the necessary best-practice precautions to protect our environment.
This password change event also provides an opportunity to strengthen and improve our password standard. The new standard requires a minimum of ten characters. All other existing complexity standards remain the same, including no expiry.
To assist users with this transition we have setup a new CCID portal at myccid.ualberta.ca.
This new portal offers users the ability to quickly tell if the password entered is correct. Additionally, the portal will also show, in much greater detail, whether your new password choice is valid or not.
- April 7th: Heartbleed bug publicly announced
- April 8th: Critical systems were patched
- April 9th -> ongoing: Continued scanning of university networks for vulnerable systems.
- May 14th-21st: IT Staff, Deans, Directors, Chairs, APOs, CCID Authorized Approvers and HR Staff were made aware of the upcoming password change initiative.
- May 22nd-27th: All university staff receive communication requesting they reset their password.
- May 28th-June 5th: All other CCID owners receive communication requesting they reset their password.