The Oxford SSO password (currently) expires every year.

IT Services will send you several emails (starting from 20 days before) about renewing your password. However, with so many phishing emails doing the rounds it can be difficult to know what is truth and what is fake. Especially, as the scammers are getting REALLY good at faking it.

Something to know is that all official emails from IT Services will include your Name AND your SSO username. If it doesn’t include these then you should treat the message with suspicion, and you may want to contact us in the College IT Office for advice.

You can check your password expiry date at any time of the year here https://register.it.ox.ac.uk

But to help with all this, I thought about setting up an Outlook Mail Rule which will check the sender’s email address and whether the email contains certain keywords.

Mail Rules can be very powerful for organising your Inbox – from flagging a message from a specific person to automatically forwarding emails to a colleague when there is a specific subject mentioned in the title. It is worth investigating Mail Rules when you have a spare moment.

Outlook Mail Rule Example – Password Expiry Validation

You can create an Outlook Mail Rule from https://outlook.office.com/mail/options/mail/rules

  • Create a New Rule
  • Give the rule a name
  • Add a condition
    • FROM – help@it.ox.ac.uk
    • SUBJECT INCLUDES – Password, Expiry
      • You should also include your SSO username
      • (NB – the screenshot below does not include my SSO username because I created it to capture all the accounts to which I am responsible, of which I have MANY!)
  • Add an action
    • Categorise
      • Create a New Category – I suggest ValidPasswordExpiry
      • The category name must NOT have any spaces
  • And remember to SAVE the rule

Please Note – the above Mail Rule should be used as an aid only, and should not be seen as 100% proof that the email is genuine; a hacker could still get hold of your SSO in some way and spoof the sender’s email address. As a follow up measure you should consider putting a reminder in your Outlook calendar for when your password needs renewing.

Below is a screenshot of the rule once completed – together with an example email which has been tagged.