Password Maintenance

By using your UMKC Username to access UMKC services, you are agreeing to ALL Acceptable Use Policies and guidelines.

UM System has implemented Microsoft's Multi-Factor Authentication (MFA) system, which is required for all active accountholders. MFA is an effective way of stopping fraudulent account access by notifying you and requiring you to approve usage of your account. When accessing an MFA-protected service, you will be prompted to enter your UMKC username and password and authenticate the login process with multi-factor authentication.

It is important to set up multiple ways to authenticate in case something happens to one of your devices, like losing your smartphone. Using multiple options will help you maintain access to your account at all times, even if one method becomes unavailable.

Options include:

  • Non-UMKC email address
  • Microsoft Authenticator App
  • A device that can receive text messages
  • Phone number that can receive calls
Select a topic below for more information.

  1. Visit
  2. Type your UM System email address, example: You must use the @umsystem suffix or the system will not recognize you.
  3. Enter the Captcha characters in the picture and click Submit. If you receive a message stating password self service has not been enabled, that means there is no authentication information on your account and you will need to contact the Technology Support Center at 816-235-2000.
  4. You will be prompted to choose a delivery method for your passcode. Options include methods you entered in either myHR or Pathway (alternate email, cell phone, etc.)
  5. Enter the verification code you receive and click Next.
  6. Choose a new password and enter it in the "new password" and "confirm password" fields.
  7. Click "Finish". You will receive a Success message when complete. Please be aware it can take up to 10 minutes for the new password to take effect.


The best and most convenient way to use Multi-Factor Authentication is to download the Microsoft Authenticator app from either the iPhone App Store or the Google Play App Store.

  1. Set up Multi-Factor Authentication by going to to register.
  2. You will be redirected to the Microsoft MFA page.
  3. You only need to setup registration once.
  4. For more information on how to set up MFA, please visit our Multi-Factor Authentication instructional page.

Password complexity is controlled at the Domain Policy level through the use of Group Policy Objects. Complex passwords provide a basic and important component of overall information security. A "strong" password will include the following guidelines:

  • Avoid using words from a dictionary, common or clever misspellings of words, and foreign words.
  • Avoid using incrementing passwords with a digit.
  • Avoid preceding or appending passwords with a number.
  • Avoid using passwords that others can easily guess by looking at your desk (such as names of pets, sports teams, and family members).
  • Avoid using words from popular culture.
  • Avoid thinking of passwords as words per se; think secret codes.
  • Enforce using passwords that require you to type with both hands on the keyboard.
  • Enforce using uppercase and lowercase letters, numbers, and symbols in all passwords.

Password History
The practice of enforcing password history ensures that passwords are not reused in a short period of time or that a short, cyclic list of passwords is not used. Reusing passwords allows the user, in essence, to never change their password. Thus, this practice helps maintain the effectiveness of password security of the UMKC account.

For more information about using your UMKC account with Microsoft 365, please refer to the University of Missouri System Microsoft 365 Login Information page.