Site Map Online Directory
  Search Information Technology   Northwestern University  
YOU ARE HERE > HomeNetID & PasswordUniversity NetID Expiration
Additional Information

NetID & Password

NetID Expiration

A University NetID is property of Northwestern and acts as a key to University systems. Please visit Northwestern's NetID page for more information.

When an individual leaves the University, a NetID goes though an automatic natural expiration process detailed in the links below.

Note: If you wish to accelerate the NetID expiration process, please see "Accelerated Expiration of a NetID Account" below for things to consider.

Automatic Expiration of NetIDs for Faculty/Staff

The following includes an approximate representation of how a NetID expires. Automatically generated messages from email-accounts@northwestern.edu contain actual expiration dates.

Every faculty or staff member (non-temporary) has Human Resources Information Systems (HRIS) employee information that indicates his or her status at the University. HRIS provides data to the University's identity management system (SNAP), which in turn determines what type of NetID and access privileges to University systems a person should receive. When HRIS discontinues sending data, the NetID naturally expires along a planned timeline.

Note: There are special University business concerns that may require immediate termination of a NetID.

Separated Faculty and Staff NetID Expiration

NetID active? Days from NetID expiration Progression of events
Yes 0 HRIS discontinues sending data.
Yes +14 Notification is sent to the department; the NetID status changes to "was staff." Position information within the online directory entry disappears. This includes: title/positions, department, office phone and address.
Yes +21 (+37*) Notification is sent to NetID user describing pending deactivation. If a user receives this notification in error, please contact email-accounts@northwestern.edu.
Yes +42 (+58*) The NetID password is scrambled and cannot be reset without approval from a Dean, Director or Department Chair to extend the account. Auto vacation message is set to inform senders that mail may not be read. E-mail is held in the account. The online directory entry becomes invisible.
No +63 (+79*) E-mail and other services are deleted. If no off-campus redirection is present, the alias will be deleted and the e-mail address may be recycled.
No +365 The alias is deleted if redirection is present.

*In the months of June, July, August and September, additional days are granted to allow paperwork for annual appointments to clear HR and restart the HRIS data feed. This additional time does not affect alias deletion. If HR hasn't updated the account for 30 days as of October 1, the process may be reset to the "notify department" stage.

Staff Retirees

A University retiree may choose to retain his or her NetID and e-mail and directory services connected to it. If the retiree chooses to preserve the NetID, Human Resources benefits counselors work with them to ensure the retiree remains in the HRIS data feed sent to NUIT. Otherwise, the standard NetID expiration process will apply.

Automatic Expiration of NetIDs for Students

The following includes an approximate representation of how a NetID expires. Automatically generated messages from email-accounts@northwestern.edu contain actual expiration dates.

Every student has Student Enterprise Systems (SES) information that indicates their status at the University. SES provides data to the University's identity management system (SNAP), which in turn determines what type of NetID and access privileges to University systems a person should receive. When SES discontinues sending data, the NetID will naturally expire along a planned timeline.

Separated Student NetID Expiration

NetID active? Days from NetID expiration Progression of events
Yes 0 SES discontinues sending data.
Yes +14 The NetID status changes to "ex-student." Directory information controlled by the Registrar, such as permanent address, disappears from the online directory.
Yes +120 The NetID officially "expires;" passwords may be changed but can no longer be reset.
Yes +127 Notification is sent to NetID owner describing pending deactivation.
Yes +148 The NetID password is scrambled and cannot be reset without approval from a Dean, Director or Department Chair to extend the account. Auto vacation message is set to inform senders that mail may not be read. E-mail is held in account. The online directory entry becomes invisible.
No +169 E-mail and other services are deleted. If no off-campus redirection is present, the alias will be deleted and the e-mail address may be recycled.
No +365 The alias is deleted if redirection is present.

Automatic Expiration of Special NetID Accounts

A special NetID account is any account that was created or extended manually, including (but not limited to) departmental accounts, and accounts for temporary employees who don't use ETES.

Aging and expiration of special NetIDs is similar to that for faculty and staff, but the process is shorter by two weeks and aliases are deleted much sooner. Automatically generated messages from email-accounts@northwestern.edu contain actual expiration dates.

Expiration of Special NetIDs

NetID active? Days from NetID expiration Progression of events
Yes 0 NetID expires - at most, one year from last update; the departmental SNAP administrator, if one exists, is notified.
Yes +7 E-mail warning message is sent to NetID and to the owner.
Yes +28 The NetID password is scrambled. An auto vacation message is set to inform senders that mail may not be read. E-mail is held in the account.
No +49 E-mail and other services are deleted. If no off-campus redirection is present, the alias will be deleted and the e-mail address may be recycled.
No +60 Alias is deleted if redirection is present.

When a special NetID or an organizational NetID is created, a second NetID must be specified to receive copies of all automatic warning messages that are sent. By default, this secondary contact or "owner" is the approver of the NetID. This is a safeguard to ensure that a department is aware that a NetID is approaching deactivation.

Prior to deactivation of some special NetIDs, the account owner may authorize extending the lifetime of the NetID via a link in his or her expiration notice. A dean, director or department chairperson may also request an extension of the NetID by writing to email-accounts@northwestern.edu. Accounts may only be extended for a year at a time because retention of these NetIDs must be periodically justified.

Accelerated Expiration of a NetID Account

If needed, NetIDs will be deactivated as quickly as possible. If the individual returns to the University in any capacity, the dean, director, or department head, or HR staff consultant can reactivate the NetID by contacting email-accounts@northwestern.edu.

Deactivating a NetID

When you deactivate a person's NetID, it does not automatically remove the person's access to other University systems. Central administrative systems that do not use a NetID include (but are not limited to):

  1. Administrator access to HRIS
  2. CUFS (financial system)
  3. The University Travel System
  4. Office Supply Ordering - Corporate Express

Terminating a NetID

To terminate an individual's NetID that is tied to an e-mail account that receives University/School/Departmental business e-mail, choose one of the options below:

  1. Work with the employee to forward e-mail of a business nature.

  2. Set up an automatic forward. Forwarding e-mail to another account and setting up a vacation message may help maintain business correspondence. The forwarding and vacation message will last until the NetID is automatically deactivated. At that point, mail sent to the address will bounce to the sender with a message that the account is inactive.

    If an individual has not set up forwarding or a vacation message, a dean, director or department chairperson can send a request to email-accounts@northwestern.edu with:

    • NetID or e-mail address for the separating staff person,
    • address that will receive that individual's future e-mail, and
    • desired text for a vacation message instructing senders to use a different address.

    Security holds are not normally compatible with forwarding and vacation messages. Security holds deactivate the account to which they are applied. Deactivated accounts do not allow forwarding, but they do have a generic "This account is inactive" auto-reply.

  3. Redirect e-mail to another account can also be set up to another account. To redirect e-mail sent to a separating staff person, a dean, director or department chairperson may send a request to email-accounts@northwestern.edu with:

    • staff person's NetID or e-mail address, and
    • address for the person who will receive that individual's future e-mail messages.

    Redirection will last for about a year after HR stops updating the account. If a department believes a former employee is a network threat and requires forwarding from the account but does not need a vacation message, they can request "redirection." This could last for more than a year, so another request can be made to switch this off when it's not needed anymore.

Separating Employee

If the separating employee is also a Northwestern student, please keep in mind that terminating his/her NetID will affect access to student systems such as CAESAR. If reasonable, the University recommends that other methods be explored, such as terminating access to local systems only. When someone has multiple roles in the University, please be cautious, but act appropriately.

NUIT Recommendations

NUIT recommends that departments disable local server accounts in lieu of requesting an accelerated expiration of a NetID. Central NUIT can address centrally managed services, but departmental/school technology support will need to deactivate local account access to systems and local machines.

Transferring Within University

If transferring within the University or remaining within the same department/school but in another role, please remove specific University services that are no longer part of the job responsibility from the individual's NetID (example: Bulkmail services, iPassConnect). To do this, a request from a dean, director or department chairperson; an HR staff consultant; or a direct manager with a cc to the dean, director or department chairperson must be sent to email-accounts@northwestern.edu explaining that the person no longer is employed with your group and to remove specific services.

Note: For security and privacy issues, NUIT will not grant another person direct access to the personal e-mail account of a separating staff person. If the department believes that there are messages stored or unread within the separating person's e-mail account on the server, then the department may request that those messages be moved to another e-mail account. This must be accompanied by a request to redirect or forward future e-mail (see above).

NetID Password Expiration

Northwestern uses a "password aging" system which requires you to change your password at least every 120 days. Frequent password changes are essential for network and data security purposes.

Forced Password Change Notification

NetID active? Days since last password change Progression of events
Yes   Last password change.
Yes +78 First e-mail warning message sent giving the +120 deactivation date (see exception for summer months).
Yes +99 Second e-mail warning message sent giving the +120 deactivation date.
Yes +113 Third e-mail warning message sent giving the +120 deactivation date.
Yes +120 NetID password is scrambled. Auto vacation message set to inform senders that mail may not be read. E-mail is held in account.
No +240 E-mail account and all services are deleted.

Exceptions to password aging

Forwarding e-mail addresses do not require password changes.

A NetID that exists only to forward e-mail sent to one address to another e-mail account and to provide a directory entry for a department or organization, does not require password changes. Any student organization is limited to this kind of account. These forwarding NetIDs are also used by many departments.

Under specific circumstances, students and faculty password aging is disabled during the summer months (June, July, August)

Because students and faculty may be away from their NetID services over the summer, the months of June, July, and August are treated specially. If the first warning message would fall during those months, the aging process is frozen at that step until September. At the beginning of September, the first warning message is sent and the process resumes. Note: (1) "ex-student" NetID passwords age normally through the summer, and (2) if the first message is sent before June, the password will continue to expire.

Last Updated: 29 May 2007