Image Image Image Image Image Image Image Image Image Image

The Blue & Gray Press | August 19, 2019

Scroll to top


Staff Editorial: It's Time for University's Password System to Expire

Every 90 days, students who try to sign in to their University of Mary Washington accounts face a moment of panic, followed by frustration, when confronted with a password expiration notice.

Two years ago, UMW drastically changed the manner in which it handles the Net ID password for its students. In theory, requiring passwords that incorporate capital letters, numbers and a minimum character length should improve security. However, these qualities become a problem when students must re-set their password every 90 days. While that doesn’t seem like a short period of time, it can fly by faster than you think.

If a student does not change their password before the deadline, they cannot enter Canvas or Banner. This makes sense for security purposes, but, with the general shift in many classes toward turning in papers and taking quizzes online, being locked out of university websites can have an impact on one’s grade.

Usually, the remedy for this is simple, call or visit the help desk in the bottom of George Washington Hall, or use the online tool. However, these added security measures are starting to become more of an annoyance than a welcome protection. In an age in which almost every website requires a username and password, it becomes a burden to memorize another intricate combination of letters and numbers for 90 days, and recycling passwords is not allowed since repeats are forbidden.

From the University’s standpoint, these requirements make sense. Online security is no joke, and, as we all know, a specialized password makes it harder for hackers to gain access to your personal information. Still, students are not just students, but young adults with lives outside of constructing multiple passwords and committing them to memory. If the choice came down to sacrificing the security of a class schedule or being temporarily blocked from turning in an assignment, most students would go with the former.

Just like two years ago, when the University re-evaluated and updated their online security measures, perhaps it has come time again for an update. Preferably a compromise that can merge adequate online protection with practical, real-world usage.



  1. Student with a memory

    Even though it’s annoying, there are a couple things that you, as a student or staff, can do:

    For one thing, you can check on eaglenet under University Resources –> Tech Support and it will tell you how many days left you have until your password expires.

    For another, the system is supposed to send a reminder email; granted, it doesn’t always happen, but it usually does.

    It may be a burden to memorize extra passwords or create new ones, but the security is important: you have sensitive information that can be gained just by logging into eaglenet, such as dorm information, address, grades, etc. This also prevents you from reusing passwords from other sites as your eaglenet/canvas password, which helps to make sure that if one account is hacked, any other one won’t be.

    A temporary block from an assignment is a price I’m willing to pay to have a better chance of keeping my information safe. It takes 5 minutes out of your day to call the help desk and have us reset your password– being “young adults with lives outside of constructing multiple passwords and committing them to memory” doesn’t mean you can’t call us or even write down your password in your phone or computer if you absolutely have to.

  2. Person

    It should not take a call to a helpdesk to reset the password. If it expires, give us the dignity to reset it ourselves. Students don’t just do work during helpdesk hours.

  3. Student with a memory

    Again, security: we didn’t create the system, it’s just the one we use. If you aren’t sure if yours will expire or not, look it up.