Notice: Updating Password Practices for UH Usernames (Dec 27 11:22 am)

As of December 27, 2021, ITS has taken steps to strengthen the security of UH Usernames by introducing two new password requirements which:

  • Prevent the re-use of previously used passwords
  • Prevent the use of known-compromised passwords

When creating or changing your password on or after December 27, 2021, you will be informed if the password you have selected does not meet the requirements and will be asked to select a different password. While existing passwords will not be affected unless changed or updated, the ITS Cyber Hygiene Best Practice recommendation is that you update your password after 365 days if not using Multi-Factor Authentication (MFA).
These new password requirements will help safeguard against common tactics malicious actors use to gain access to online accounts, and better align our password practices with industry standards. Creating a strong and complex password for your UH Username is one of the most important steps you can take to secure your access and data across all systems, services, and technological resources available to users with a UH Username.
ITS also strongly encourages the use of MFA to secure your UH Username. MFA uses a registered mobile phone, landline, or hard token to provide an added level of protection. With MFA, even if a malicious actor gained access to your UH Username and password, they would not be able to log in without also having access to your second factor. For more information about MFA or to enroll, please visit
For questions about the updated UH Username password practices, please contact the ITS Help Desk.