NYSPI Username and Password
- How do I change my password?
You will be prompted to change your password every 6 months. You may change your password using the NYS password self-service site: https://password.ny.gov. You need to set up your password profile before you can use the self-service site to change your password.
- How do I set up my self-service account?
Setting Up Your Self-Service Account
1. Navigate to https://password.ny.gov
2. Enter your email address and click on the box next to the words "I'm not a robot", then click OK.
3. Click My Questions and Answers Profile.
4. After clicking My Questions and Answers Profile, enter your Windows password on the next page.
5. Answer any three security questions and select PIN. Your answers to the security questions are secret, but the PIN will be visible to the Help Desk to validate your identity if you forget the answers to your questions or need other assistance.
6. Set up of your ITS NYS Password Self-Service account is complete!
- How do I use the NYS ITS Password Self-Service?
1. Navigate to https://password.ny.gov Click any of the buttons on the home page and follow the prompts to complete a function. The Unlock My Account feature (shown as disabled below) will be enabled if your account is locked.
2. For access to Forgot My Password and Unlock My Account, you must provide answers to the security questions or an RSA token to verify your identity.
3. When using RSA Hard Token (fob), you must enter your RSA PIN and RSA token code (without a space in between).
When using RSA Soft Token (smart phone app), you must enter only the RSA code generated by your PIN.
- How do I change my account settings?
Send details about the change to psyIT as an "Ask a Question" request here.
- I forget my password. How do I reset it?
If you have set up your password self-service, you may reset your password at the NYS password self-service site: https://password.ny.gov. If you have not set up that service, visit the service desk in Kolb L2 or call 646-774-5777.
- What are the NYSPI password requirements?
1) Passwords will expire every 6 months.
2) Passwords less than two days old can only be changed by an administrator (psyIT Service Desk).
3) Passwords must be at least 10 characters long. Using passphrases is recommended, since that makes it much easier to remember longer passwords.
4) New passwords must be different than the prior 24 passwords.
More information can be found here.
RSA Token Information
- What is an RSA token? Why do I need one?
Authentication factors are used to verify a user's identity before being granted access to any data system or protected information. The most common authentication factor (and one you are probably most familiar with) is a password.
Multi-Factor Authentication is a security feature that works to protect your account by requiring something in addition to a password. Accessing state-protected information from outside of the NYSPI network (e.g. from home or on a mobile device) will require the use of an RSA security token.
- How does the RSA token work?
An RSA Token generates a dynamic code that is used when logging into protected services from outside of a state network. When you access a protected service, your login will still be your work email address and password, but you will also need to enter the RSA token generated code.
- How do I get a token?
You can choose to get either a (1) hardware or (2) software token.
The hardware token is a small key-fob that resembles a USB device.
The software token is an app that can be installed on a mobile device.
Both of these methods work by generating a new code at regular intervals. You will be asked to enter the token-generated code when logging into a state-run system while outside of the NYSPI network.
You can register for your token at the My Token Self-Service Console https://mytoken.ny.gov. For most users, the software app will be most convenient. A step-by-step guide for requesting a token can be found at https://its.ny.gov/how-request-rsa-token.
RSA SecurID - Hardware Token
RSA SecurID - Software Token
- When will I receive my token?
Registration for a token can be done here and takes about 10 minutes. Software token requests require administrative approval, which typically is done the same day the request is made.
Once approved, your administrator will send you an email that contains your software token file and instructions on how to install, and activate, your new software token. Hardware tokens will need to be picked up from the service desk located on L2 of the Kolb building.
- Where can I learn more about getting or using an RSA token?
More information can be found here or by contacting the service desk.