The Password Expiration Policy kept reaching a balance of convenience and security after its first introduction on 2 Sep 2015 – from having a 180-day-period in 2015 to 400 days in 2016. In 2017, the expiry has been fine-tuned by aligning the expiry date among all CUHK accounts*.

It is found that a fixed annual password expiry date will make it easier to be memorized and help users to develop a habit to change password annually. Promotion campaigns and technical support can also be arranged more effectively.

Learn more about the policy at https://www.itsc.cuhk.edu.hk/en-gb/it-policies/information-security-policies/revise-onepass-password-expiry-policy-from-400-day-expiry-to-annual-expiry.

*CUHK accounts include staff and student personal, departmental, project, student organization and temporary accounts.