Typically everyone at MIT needs to reset their Kerberos password by end of July each year.
For those resetting their Kerberos password from off-campus, see this article from MIT IS&T:
Remote Domain Computers and Password ChangesThe Change your password while on the VPN section should be useful.
After the password has been reset make note of steps 3 and 4; step 3 it says to Lock your computer by either clicking "Windows+L" or "Ctrl-Alt-Delete" and selecting "Lock" and step 4 Wait 10 minutes for your computer to establish a connection to the domain and sync the new password.
How to Obtain Global Protect VPN
I forgot my password, can I have it reset?