Skip to main content

SOM Password Management

Your SOM password does not expire, so normally you have no need to change your password. If you do need to change it, however, due to an account breach, a lost password, or for personal preferences, you can change your password up to once a day.


In this article [jump to a section]:

You know your current password (Resetting your password)
     From your PC
     From Microsoft 365
You do not know your current password or can't access your account
Password Requirements


Resetting your password

From your PC

Type Control+Alt+Delete

Click Change password

Enter your old password, then your new password twice.

From Microsoft 365

From any web app, go to your profile pic and View Account.  Or, skip right to

Now go to Change Password.

Now type your old password, and your new password twice.

[back to top]

What if I forget my password or can't access my account?

You can reset your password by yourself if you're enrolled in the SOM Self-Service Password Reset (SSPR) portal.  As of the summer of 2022, all new users will be prompted to enroll in SSPR the first time you login.  You may have enrolled previously.  

During Summer/Fall of 2022, we will be requiring all users to enroll in the Self-Service Password Recovery service.  This will be a phased rollout by department.  If your department has notified you that you'll be enrolled, you can follow step-by-step SSPR instructions here.

To check if you've enrolled in SSPR, or to begin resetting your password, go here:

See our full SSPR documentation here, which includes how to enroll and how to change your info.

If you have not enrolled in SOM'S SSPR yet, and you have a linked UMID account, you can reset your UMID password.  This password will sync to your SOM account within a few minutes:

[back to top]

Password Requirements

If you do change your password, it must adhere to the following rules.

  • Can only change password once a day.
  • Minimum length of 12 characters.
  • Cannot be the same as any of your last 10 passwords.
  • Cannot contain any part of your name or username.
  • Will be checked against an algorithm to check against easily guessed passwords. 
When validating your password, Microsoft generates a score based on how weak or secure your password is, and it will be rejected if that number is too low.  For example, if your password is P@$$w0rd, the symbols are normalized so that it becomes Password. This would be rejected. The same would go for j0hn.d03 (if your name were John Doe), m3d!c!ne (which is in our organization name), or m@ryl@nD.  Password scoring rules change and improve over time.

What makes a good password?

  • The more characters the better (16 is a good start). 
  • Pick 3-4 random words that will be easy to remember (e.g. coursebandshinytune)
  • Include uppercase and lowercase letters, numbers and symbols (e.g. courSeb@ndsh1nytun3)
  • Do not include personal information or words someone might associate with you in your password.
  • Do not reuse passwords for different websites and services.  Never use your SOM password for any other online service.

[back to top]