Password management

The username for your user account is not secret, but the password for the account is. The password is your personal key that is used in ensuring that the person using the username is you and not e.g. your neighbour. You absolutely must keep your password secret and never reveal it to anyone! Even if you trust another person unconditionally, he or she does not have the right to use the username provided to you by the University of Helsinki.

Revealing your password to someone else is a serious breach of the terms of use. By doing so, you may lose your access rights to the university’s computer systems. System administrators will never ask for you to reveal your password, since they have other means of solving problems without knowing your password. If someone asks you for your password, posing as a system administrator, they are probably trying to scam you.  Never reveal your password – instead report the case immediately to the Helpdesk.

At the University of Helsinki, Multifactor Authentication was introduced for Microsoft Office 365 services in autumn 2021. Read more about Multifactor Authentication in the instructions provided by the University’s IT Helpdesk.

Initial password

You can find your first password in the summary of your user account which you receive at the end of the user account activation. For information security reasons, you must change the initial password as soon as you use it the first time. Some services which require logging in may also not work properly before you change your initial password.

There are three ways you can change your password:

More detailed instructions are available on the Helpdesk site.

What is a good password like?

As a rule of thumb, a good password is easy for you to remember but impossible for others to guess. It should not be too similar to passwords you have used before or are using at the moment in other services. A good password is long enough (at least 10 characters), and it should not be a word that can be found in a dictionary as such.

Each service or system will have its own password rules. This is also the case at the University of Helsinki. A password for a University of Helsinki user account must have both lower and uppercase letters and at least one number. More information about good and bad passwords can be found in the chapter Safe use of Passwords.

If you forget your password

If you forget your password, you can create a new temporary password with the university’s electronic password reset service. For using the service, you will need a Finnish personal identity code and online banking credentials, a mobile certificate or an electronic identity card issued by the police. You must also change the temporary password provided by the reset service to a password that you have invented yourself!

If your password expires

The password linked to the university user account is valid for one year, or more precisely, for 365 days. You will be sent an automatic reminder before the expiry date, unless you have already changed your password before this. For information security reasons, we recommend changing your password more than once a year. You can change your password at https://www.helsinki.fi/password.

The password should be changed in due time because an expired password prevents you from logging in to practically any of the University of Helsinki’s services. To change an expired password, you must first reset it using your online banking credentials or by identifying yourself at an ID Point service desk!