Connect With UC

ChangE Your Password

First time Directions for logging on to your usrinus laptop if you changed your password off campus


There are two supported methods for changing your password:

1. While on campus using a computer on the Ursinus domain and connected to the network:

  • Log into your computer, hold down the Ctrl, Alt, Delete keys at the same time
  • Click the “change password” link or button (link if Windows 7, lower left button if Windows XP)
  • Enter your current password, the new one, and the new password a second time to confirm it
  • Click the arrow next to the “Confirm Password” box to submit (click OK if it is Windows XP, then “Cancel” to close the window and return to the desktop)
    A message will appear, either password changed successfully or with an error (for example, if the “new password” confirmation did not match).

2. Using Outlook Web Access: the only supported method when off campus:

  • Log into Outlook Web Access (OWA or webmail) through the UC website or directly at
  • Click “Options” at the top right
  • Click “Change Password” in the left column under “Options”
  • Enter the old password, new password, and confirm the new password
  • Click the “Save” button at the top

Please contact Tech Support x3789 or if you need more information or assistance

Password Complexity Requirements

Complexity requirements are enforced when passwords are changed or created.
Passwords must meet the following minimum requirements when they are changed or created:

  • Passwords must contain at least 6 characters.
  • Passwords must contain characters from three of the following five categories:
    • Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
    • Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
    • 0 through 9 (Base 10 digits)
    • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
    • Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.
  • Passwords must notcontain the user's entire email/network username or entire Full Name. Both checks are not case sensitive:
    • The email/network username is checked in its entirety only to determine whether it is part of the password. If the email/network username is less than three characters long, this check is skipped.
    • The Full Name is parsed for delimiters: commas, periods, dashes or hyphens, underscores, spaces, pound signs, and tabs. If any of these delimiters are found, the Full Name is split and all parsed sections are confirmed not to be included in the password. Sections that are less than three characters in length are ignored, and substrings of the sections are not checked. For example, the name "Erin M. Hagens" is split into three sections: "Erin," "M," and "Hagens." Because the second sections is only one character long, it is ignored. Therefore, this user could not have a password that included either "erin" or "hagens" as a substring anywhere in the password.


  • Never give your username and password to anyone via e-mail. Ursinus will never ask you for your password in an email.
  • Please remember not to leave your laptop unattended. If your laptop is stolen, you are responsible for reporting the theft to the local police, and paying a $500 deductible before being issued another laptop.
  • Do not click on links or attachments in spam e-mail, or from senders you do not know. Enter the address into the browser window, or go directly to the organization web site and follow the links
  • Keep up with browser and operating system software updates - especially security related updates
  • We have seen an increase in spammers sending spam by forging our e-mail addresses as the message sender; this generates a lot of ‘Non-Delivery Receipts’ (NDR), and ‘Delivery Status Notifications’ (DSN) messages to the users who’s mailbox was used as the forged sender. It does not necessarily mean that your computer or network accounts were compromised. Nor does it represent any significant security concern in and of itself. The flood of messages usually abates in a day or two, once the spammers move on to other addresses. You can read more about it on the Backscatterblog.
  • Go to search for "protect yourself" for links to articles about protecting personal information, phishing, spear phishing, e-mail scams, safe instant messaging, safe blogging, identity theft, spoofing, backscatter spam, etc.

Blackboard Course Combine Form

Faculty and Staff Technology Resource Guide (pdf)

Student Technology Resource Guide (pdf)