User Passwords and Expiration

Student passwords can be changed or reset by the student, their teachers, and by anyone with an LEA Administrator, Help Desk, or Student Help Desk role. (See the Teachers page for how to change passwords within the My Students view).

Employee passwords can be changed or reset by the employee, or anyone with the LEA Administrator or Help Desk role.  Staff with a Student Help Desk role do not have access to staff accounts.

Changing a user password that has expired is fairly straight forward:

Step 1: You attempt to login at the IAM Service RapidIdentity screen as usual.

Step 2: When you click on "Go" you receive a red error message indicating your password is expired.

The self-service function of changing a user password is fairly straight forward:

Step 1: Log into the NCEdCloud IAM Service, and at the Applications screen click on "Profiles".

If you forgot your password, you can reset it using the IAM Service's "Password Reset" functionality:

Normally, NO.  Only if their LEA or Charter school opts-in to the IAM Service student password expiration.  To opt-in to the student password expiration policy, please have an IAM Service LEA Administrator submit a ticket to the NC DPI Technology Support Center at: https://ncgov.servicenowservices.com/sp_dpi

Student password expiration can be implemented in one of the following ways:

When a new employee claims their IAM account they will be forced to set an initial password. They will be prompted to change their password beginning 80 days (10-day notice) after they set their initial password.

Yes, passwords can be changed at any time, but for employees they must be changed at least every ninety (90) days. For students, the password expiration feature may optionally be turned on if the LEA wishes.

• Passwords shall be at a minimum 8 characters in length and no longer than 16 characters.
• Passwords shall be comprised of at least one of each of the following:
  • Upper case letters
  • Lower case letters
  • Numbers
• Passwords shall not contain the username alias (the portion of the user’s email address before @yourdomain.com).  
• Username, first name, last name, spaces cannot be used within the password
• Passwords shall not begin or end with ! (an exclamation point)

Password change notifications will begin ten (10) days prior to a user’s password expiration. Within the 10-day window, each time a user logs into the IAM Service they will receive a pop-up notifying them their password will soon expire and they will be prompted to update their password.

All users (both employees and students) have a default password that is randomly generated for that specific user when their account is created.  However, employees (and potentially secondary students) won't actually use their default password as they will set a new password when they claim their account.