ISS is in charge of keeping the University IT systems secure and for providing appropriate levels of access to those who need it.

When you log on to the University network using WebLogin, your credentials are authenticated and, if successful, you are granted access to the services, systems and data appropriate to you. You are responsible for what happens to the university systems or data accessed by yourself whilst you are logged on. This applies even if it is someone else who has gained access using your credentials. 

Watch the video below to find out three top tips for keeping your password secure and safeguarding the information that it protects. 

Frequently asked questions

 What if I am prompted for a One-Time Password (OTP)?

If you are using WebLogin and are prompted to enter a one-time password (OTP), you should use the Authenticator app on your phone or tablet (or your physical authentication key) to generate one. For more information, see Multi-factor authentication (MFA) help.

If you no longer have access to the app you set up (or to your key), see Using OTP recovery.

 How do I create a good, strong password?

There is lots of advice around choosing a good password. Some suggest picking lots of different symbols and random characters such as Phyd75$g7F, but unless you are using a password manager, these are very difficult to remember and encourage password reuse.

It is recommended, to create a long password with some complexity of mixed characters – but ensure it's still memorable.

Using a long password with different words and some symbols or numbers in the middle makes it much more difficult others to guess (e.g. Glove&&&shopping).

Now your password is secure you need to make sure that you only enter it into the correct place and not reuse passwords across other sites.

If you need any help identifying a good password, take a look at the random password generator. You can test the strength of any passwords before using them using a strength estimator

 How do I change my University password?

If you can remember your current password, you can change the password yourself on our online password change page.

You will need to enter your username and current password in the relevant fields, then your new password.

When trying to change the password please choose something that is easy for you to remember but hard for someone else to guess.

Ensure the new password:

  • Is at least 10 characters or more in length;
  • Does not contain any personal information (such as date of birth, address, etc.);
  • Does not use any easy to guess words (such as lancaster or password);
  • Is a completely new password (i.e. you are not permitted to re-use an old University Account password); and
  • Makes the bar to the right turn green.

You can increase the complexity of your password by including more upper case letters, numbers and symbols in the password. Not using a dictionary word, or use repeated letters or sequences of letters in the password will also help.

If you cannot remember your password, read the Forgotten your password advice.

 If you have applied to be a new student but not yet started your studies at Lancaster, you will have been issued with a Lancaster ‘Friend’ account. To reset the password for this account, go to the Forgotten your password advice.

 How do I register for online password reset?

The online password reset service enables you to reset your University account password online.

To be able to reset your password you must have previously registered a personal email address to which a verification email can be sent. Instructions on how to do this are included below.

Please see Register for online or phone password reset.

 How do I register for password reset by phone?

The Password Reset by Phone service enables you to have your University Account password reset by phoning the ISS Service Desk.

To use this service, you will need to Register for online or phone password reset.

 What are the key points of the University Password Policy?

The key points of the University Passwords Policy include:

  • Your password must be at least 10 characters in length.
  • Having changed your password, you cannot change it again until 24 hours has elapsed.
  • After 5 failed attempts in 10 minutes, your account is locked out for 5 minutes.

 I have forgotten my password, what do I do?

Please see Forgotten your password for instructions on how to reset your password.