...
The University of Waterloo manages all userids all userIDs and passwords through UWaterloo Identity and Access Management (WatIAM). A person's WatIAM credentials are used to access all UWaterloo's systems including Quest, LEARN, Workday, and email.
...
Be between 8-32 characters long
Have at least one character from at least 3 of the following groups
Numeric characters (0-9)
Lower case letter (a-z)
Upper case letter (A-Z)
Non-alphanumeric character (-, %, ^, !, $, #, +, etc.)
NOT include all or part of your given names or surname
NOT contain your useridyour userID
NOT contain an email address
...
Go to Password Recovery.
Enter your userid userID and an external email address, then click Next.
If those two things match data on the identity, a password reset message will be sent to the supplied email address.
Log into your external email address, open the password reset message and click on the provided link.
...
Any password breaches or compromises are subject to the Information Security Breach Response Procedure.
WatIAM accounts that have been found to be or suspected of being breached will be temporarily locked until they have been investigated. People will be directly contacted by a member of Information Systems & Technology (IST) regarding their account. If you believe your account has been compromised and have yet to receive any communication from IST, please contact the ACO Help Desk or the IST Service Desk.
...