Account: Change of Password

You can change the password of your JGU account at the user account self management site. The change will be made via an encrypted connection to the server at the Data Center. Alternatively the change may be made at computer terminals in the Data Center.

→ Change or reset password

Password conditions and restrictions:

For the login, the password must basically meet the following conditions:

  • The new password should contain at least 12 characters and three of the following four categories:
    • Capital letters (A..Z)
    • Lowercase letters (a..z)
    • Numbers (0..9)
    • Special characters (! "$% & / () =? + * # -.,;: _)
  • Your password must not contain your last name, first name, user name (account name) or any part thereof.
  • Do not use any of your previous passwords.
  • Avoid:
    • §, ä, ö, ü, ß, Ä, Ö, Ü, because these characters are not available on all keyboards*.
    • y, Y, z or Z, as these characters are in different places on English and German keyboards. This can cause problems if the computer unexpectedly loads an English / German keyboard layout.
* Note: If possible, do not use any third-party or public computers to log in with your university password.

Additional security check for new passwords and password changes

Since January 2021, an additional security check has been carried out with the database https://haveibeenpwned.com/ for each new password and each password change. This collects the hashes of the passwords* from password databases that are circulating on the Internet and checks whether the selected password was published in the event of a previous data leak. If so, you will be notified:
  • JGU account page: You will receive a message that the password you entered was part of a data breach and must not be used.
  • When changing the password under Windows using the key combination CTRL + Alt + Del or In such a case, Ctrl + Alt + Del "Change password" appears that the password does not meet the complexity rules. A more specific message cannot be displayed as the ZDV has no way of adapting it.
To ensure that the hashes of the passwords* are not passed on to a third party or website, the entire database was copied directly from the provider and has been running on ZDV's own server since then.