Change your password
Aim: Protect your account credentials with a strong, fresh passphrase
Target Audience: All users with a Nikhef account
Your password protects both your data and the Nikhef services from compromise and data breaches. A good password (or better: passphrase) is
- long (at least 10 characters, longer is better!)
- not guessable
- only used in one place, and
- periodically refreshed to prevent continued exposure.
A password manager is very much recommended by Nikhef.
Changing your password
You should change the password for your Nikhef account only on the passwd page:
Your account name is the User ID displayed in the web form. This is the only page where you should change your password. Please beware of phishing, and verify the source of the web page: clicking on the padlock icon in your browser's location bar should display "issued to" Nikhef (Stichting Nederlandse Wetenschappelijk Onderzoek Inst).
Do not forget to update your new password at the client side! Your Nikhef password is most probably stored at clients on your desktop, laptop or smart phone. Do not forget to update these stored passwords as well. Examples are: eduroam network configuration (account
email@example.com), mail clients, configured ssh tunnels, and so on.
Your new password has to follow these rules:
- It should be at least ten characters long - 16+ characters is recommended
- It should contain at least one upper case and one lower case letter, one number and one special character and six different characters
- It should not contain 'supposedly handy' strings like current year, your account name or your name
- Passwords used in the past two years are not accepted.
A good password is long, and still easily remembered. A series of unrelated words, interspersed with special characters, is typically a good choice.
The policy at Nikhef enforces you to change your password annually. You will be requested by mail one month in advance to change your password before a certain date. This mail will be repeated several times, and will ask you to connect to the Nikhef password update page by visiting the main Nikhef Intranet site. It only ever refers to https://sso.nikhef.nl/passwd.
Your access to services will be suspended in case you do not change your password before the expiration date. You cannot use this account (and all Nikhef-services that authenticate with this) as long as it is suspended, but our mail server will continue to receive your email (although you won't be able to read it). Contact the Helpdesk to reactivate your account.
One account for all ICT services
With your Nikhef account you are able to make use of almost all Nikhef ICT services, including services provided by our national and international partners ('cloud' services, services from SURF, CERN, etc.). That is why we use the term Single Sign On - for most services your single login at the start of the day will grant you access to all services for the next few hours.
You can use this one account for local services (mail, login, ssh), and for our web and federated services.
Extra information for owners of generic accounts
In case you are the owner of a generic account (like mdtoper, meet or helpdesk) you are able to change the password of the generic account on the same web page (https://sso.nikhef.nl/passwd) you use to change the password for your personal Nikhef account. Use the drop-down selection in the USER ID field of the web form to select the generic account(s).