OIT to enforce password expiration to increase account security

At 7 a.m. Wednesday, May 11, the Office of Information Technology (OIT) will upgrade to Shibboleth V3 to enforce password expiration across campus services that use the authentication system. These services include but are not limited to:

  • Web Leave
  • Moodle, WolfWare and other DELTA resources
  • Numerous departmental-hosted services

The university’s Password Standard requires campus users to change their password at least once annually. However, the MyPack Portal is currently the only system that prompts users to change their expired password. Shibboleth V3 will alert users to change their password in a timely manner and will limit exposure to compromise.

How you will be impacted by the upgrade:

  • During this brief upgrade, your access to campus (e.g., MyPack Portal) and third-party services (e.g., ServiceNow) that use Shibboleth for authentication may be interrupted. You may be required to re-authenticate.
  • You will no longer be allowed to log in to services with an expired password.
  • You will need to reauthorize your attribute releases on initial login to a site. Attribute releases provide information about you (e.g., campus affiliation, mail ID, password expiration) that will be shared with the service you are requesting to access.
  • You will receive an Impending Password Expiration warning 14 days in advance of your password expiration date. You can opt to change your password then or wait until it expires. If you wait, you will continue to receive the expiration warning until your password is changed.
  • You will see a new NC State-branded design for all new Shibboleth Login Screens.

For ongoing information on the upgrade, see the SysNews announcement.