This is your Penn State digital identity, composed of a User ID and password. These two electronic identifiers collectively provide access to a wide range of Penn State Internet services: LIAS, eLion, the Web, e-mail, University calendars, ecommerce sites, employee benefit information, research services, ITS-managed student computing labs, and more.
Your User ID (or "username") is usually your initials, often followed by a one-to-four digit number, such as xyz5000. This is the public part of your digital identity, typically viewable by others when you send an e-mail or fill out a Web form. If your User ID is xyz5000, then in general, your Penn State e-mail address will be xyz5000@psu.edu.
Your password functions as a "key" that enables you to open the University's many electronic doors (or Web sites). This is the private part of your digital identity. Protect and guard your password as you would your personal bankcard and PIN number. Never share your password with anyone and don't write it down or make it easy for someone to "crack."
Students, faculty, staff, alumni, retirees with benefits, continuing and distance education students, and other University affiliates are eligible. For more information, please see the policy Penn State Access Account Qualifications.
Students at University Park: If you attended the First-year Testing, Counseling and Advising Program (FTCAP), you should already have your Penn State Access Account. If not, take your Penn State photo ID card to a Penn State Access Account signature station and follow the instructions there. For hours of availability, see ITS Student Computing Labs. Make note of your user ID and password when they are displayed on the screen. Your account should be active within 24 hours. Except under special cases, a student that does not have an active Penn State Access Account will have their account activated during a semester for which they are scheduled for classes. The Penn State Access Account should be active approximately one week after the student officially schedules classes.
Students at Other Locations: Contact your local computer support staff for assistance. Most campuses also have an Penn State Access Account signature station to which you can take your Penn State photo ID card to obtain your User ID and password. Your account should be active within 24 hours of getting your User ID and password.
Faculty and Staff: If you are an employee, apply for your Penn State Access Account by completing and submitting a paper form to the ITS Accounts Services Office, 101 Computer Building, University Park. The Penn State Access Account form is available from the ITS Accounts Services Office. After three business days you can obtain your User ID and password by taking your Penn State ID card to the ITS Accounts Services Office or any of the Penn State Access Account signature stations.
ITS systems require passwords for newly activated Penn State Access Accounts to be changed at first use. This ensures that only the person who has been assigned the account knows the password.
ITS systems force expiration of Penn State Access Account passwords once a year. ITS recommends changing passwords more frequently for higher security. Each time you change your password, you will initiate a 365-day expiration cycle. ITS strongly encourages you to change your password before it expires, in order to avoid disruption to your access to University systems and services. You can check your password expiration date online.
Although all students, faculty and staff must change their Access Account passwords annually, passwords can be changed more frequently, and at any time, for higher security. ITS strongly encourages you to change your password before it expires, in order to avoid disruption to your access to University systems and services.
Eight weeks before the password expires, ITS will send an e-mail notification of the expiration date. This e-mail notification will be sent weekly until the password is changed or expires. In addition, when an individual's password is within four weeks of its expiration date, the WebAccess screen will present a brief message stating that the password will expire, and authentication through WebAccess will be denied. A link will be provided to a Web form where the individual can change the password. After the password has been successfully changed, access to authentication through WebAccess will be restored. If the password has not been changed within four weeks of its expiration date, weekly e-mail reminders will continue to be sent to notify the account owner of his or her impending password expiration (with instructions on how to change the password). Individuals who do not respond to these warnings and allow their passwords to expire will need to go to a signature station to reinstate their Access Account passwords.
ITS strongly encourages you to change your password before it expires, in order to avoid disruption to your access to University systems and services.
Strengthening Penn State Access Account passwords helps to ensure your personal security and the security of the University’s systems and resources. In addition, Penn State's ability to conduct secure and convenient on-line business with entities like the federal government and third party service providers, depends greatly upon our reputation and practices in computer/network security. Many factors go into a detailed analysis of the security of an enterprise—password strength and aging, and fraud detection—are just a small part of how Penn State is "graded" when establishing on-line business contracts and relationships. The practices of the institution and the individuals in the institution go hand-in-hand in these analyses. Requiring an annual password change for all Access Accounts is the first step in assuring that Penn State better meets the security requirements of external entities. It also enables the University to participate in the federal government's eAuthentication Initiative (EAI), which will be very beneficial to Penn State in the future. See FAQ #19 for more information about EAI.
Start with the password policy and guidelines. Also read best practices to learn how to create a strong, secure password.
Go to https://www.work.psu.edu/, login if necessary, and select the link "Change your password."
You must change your password at least once a year, but we recommend more frequently for better security. See FAQ #4 for additional information.
Your Penn State Access Account provides access to a wide range of Penn State Internet services such as the Web, e-mail, library resources, eLion, eCommerce Web sites, employee records, research services, and student computing labs. You may need additional University accounts for specialized services.
Individuals who forget their password or need assistance should contact the ITS Help Desk, the ITS Student Lab Consultants, or the ITS Accounts Services Office. Distance education students should contact the World Campus Help Desk for assistance.
Your Penn State Access Account is your digital identity at Penn State, no one else's. Your password serves as the key to many electronic services within the University community. Selecting a good password and changing it periodically are important ways to protect the privacy and integrity of your personal information and finances, and can help guard against identity theft. Hackers actively seek out weak passwords they can use to steal services or perpetrate malicious mischief. And it's not just hackers. We have found that in many cases, it is someone's ex-friend, ex-fiance, or ex-roommate who will use passwords to cause trouble or gain unauthorized access to private information. So don't share it with anyone, not even your parents, your best friend, your roommate, or your fiance. Read stories about what can happen.
When your password is within four weeks of its expiration date, the WebAccess screen will present a brief message stating that your password will expire, and you will be prevented from authenticating through WebAccess. You will be provided with a link to a Web form where you can make the change. After you have successfully changed your password, access to authentication through WebAccess will be restored.
Reserve the Penn State Access Account User ID and password for Penn State systems and services only. You should create a different username and password for external services such as stores, banks, music services, Web sites, personally owned computers, or other systems. Using your User ID and password on external systems could make you and the University vulnerable to theft of services, identity theft, or other crimes.
See the password policy and guidelines for the basic rules. Then check out password best practices for tips on creating a strong password and avoiding a weak password.
If you allow your Penn State Access Account password to expire, you must reinstate it by visiting an ITS Signature Station. If you do not have access to a Signature Station, you must contact the ITS Accounts Services Office for assistance. Distance education students should contact the World Campus Help Desk for assistance.
ITS systems retain a history of three passwords. This means that the last three passwords cannot be reused. When the password is changed, the account owner must create a password that is different from the last three passwords. ITS strongly encourages account owners to avoid reusing old passwords. See password best practices for tips on how to create a strong password that is easy to remember but hard to crack.
Certain special characters may be used as indicated at password best practices. However, note that some applications may not accept special characters. If this problem is encountered, changing the password to a combination of letters and numbers should solve the problem. See password best practices for a list of allowed and disallowed special characters.
The eAuthentication Initiative (EAI) is designed to improve electronic interactions between citizens, businesses, higher education, and all levels of government. Penn State is part of the federation of organizations (called InCommon) that will use the eAuthentication System to recognize and accept each other's digital identity credentials through the use of a common network. The initiative will make it possible for authenticated users to gain access to resources provided by many organizations without having to manage multiple accounts. Meeting this requirement will put Penn State in a favorable position in the future as more and more services move into a delivery model that will require strong trust among providers of digital resources, whether it's the government or the private sector.
Oracle Calendar is a calendaring and scheduling client available to departments, faculty, and staff for a nominal fee. Oracle Calendar users who keep an offline version of their calendar must change their offline calendar password to match their Access Account password each time it is changed. See Oracle Calendar Password Synchronization for instructions.
Many applications allow you to save your password within the software settings, so that you don't have to enter your password each time. You most likely entered your password and saved the settings in the software, and so your old password is being used when you launch your e-mail or other application. Check the settings and update your password. For better security, don't save your password in software settings. When a password is automatically entered, anyone who gains control of your computer or handheld device then has access to your e-mail or any other application where you have saved your password.
It's more convenient for you. You won't suddenly lose access to ANGEL, e-mail, eLion, or other Penn State systems at an inconvenient time. You won't lose time trying to figure out what's wrong. You won't have to follow the steps in FAQ #16. You'll also avoid the e-mail reminders mentioned in FAQ #5.
Check your password expiration date online, and change your password before you leave, if you'll be away around the time it's scheduled to expire.
No. ITS strongly advises against saving your password for login services, particularly when your Penn State Access Account is required for login. Saving your password in an application or on a Web site may seem like a convenient thing to do at the time, but actually can cause you hours of time and headaches later when everything stops working and you have to try to remember the old password in order to use your applications—and then figure out how to reset your new password in the application. Bottom line: it's better security and ultimately more convenient to not save your password in an application or on a Web site.
It's easy to check both by using the password expiration utility.
If you didn't find the answer to your question here, please let us know, or contact the ITS Help Desk for assistance.
To avoid disruption of access to Penn State systems and services, change your password before it expires. Here's how.
What can happen when you're careless with your password? Read these true stories to find out.