Passphrase Management Changes


The Division of IT is making the following changes to the Directory passphrase management on October 6, 2022 to improve the security of your account. If you have any questions, please contact the Service Desk.

Security questions removal

The security question feature used for passphrase resets will be retired. Recent guidance from the National Institute of Standards and Technology (NIST) recognizes that security questions are not an adequate means of identity verification for resetting a passphrase.

Set a new passphrase

The passphrase change will become part of the self-service profile page. Therefore, you will need to successfully log in with your current passphrase and multi-factor authentication via DUO in order to set a new passphrase.

Expired passphrases can't be used to create new passphrases

NOTE: To ensure you have the most flexibility with resetting your passphrase, if you have not yet configured your verified phone, consider doing so before October 6.