10 February 2025

Good news: from 10 February 2025, you will no longer have to change the password for your ULCN account every 182 days. You will choose one strong password and that will not expire.

What does this password policy change mean for me?

You will only have to change your password one more time in 2025. You do not need to take any action but will receive an automatic notification when it is time to do so. The following password requirements will apply to ensure your account is protected:

• Your password must be a minimum of 15 and a maximum of 64 characters long. The minimum number of characters was previously 12.
• You must not use more than four of the same characters in immediate succession, so do not use: aaaa or eeee.
• You no longer have to change your password every 182 days.

Why has the password policy been changed?

It is easier for you as a user if your password does not expire. The new requirements also ensure better protection of the information we process as a university.

There will be times when you do have to change your password. For example, if an attempt has been made to steal information, with phishing or malware infections, for example, or in the event of other security incidents. Then you must immediately change your password.

More information about our password policy

Read all about creating and managing your passwords. To change your ULCN password, go to Account Services. For questions or comments about information security, contact security@bb.leidenuniv.nl.