The Password tab permits a user
to change their password. Password parameters, limits, and complexity
settings are configured by your organization. Depending on your
system configuration you may only see a Password section,
or a Password and a Phone Password section.
Password only settings, as shown in the image below, are
used to change the password to log in through the Web, and the phone
when unique phone credentials are disabled. The application
will automatically convert the password to a phone keypad equivalent
when passwords contain characters. For example, a password such
as 48!CAT must be entered on a phone keypad as 48228. Special
characters are stripped, and letters convert to the corresponding
number on a phone keypad, so C is 2, A is 2, T is 8 (228).
Password and Phone Password settings as displayed
below appear when Allow Unique Phone Credentials has been
enabled. The Password settings apply to the Web ID.
The Phone Password settings apply to the phone.
About Passwords Changes in v7.4.4.2+ and 7.5.2+
Your login credentials are controlled by your organization’s
Login Policy. The Login Policy assigned to your profile determines
the strength and complexity of your password. This application will
alert you when you fail a password requirement. For reference, the
password criteria assigned to your Login Policy appears in the Password
tab in My Info.
To increase system security, user login policy defaults changed
in application version 7.4.4.2+, 7.5.2+, and 7.5.4+ as follows:
- The default minimum password length is set to fifteen1 , but can be greater than if
your organization chooses to increase the minimum length.2
- The user’s Login ID cannot exist in a Web Login ID password.3
- Users will be forced to change their password if the password
upon log in matches the default password.
- The system will alert you when the password supplied matches
a word from the forbidden password list.
- The default lockout period can no longer be configured to ignore
failed login attempts. This field is now required with a minimum
lockout period preset to thirty minutes, but can be greater than
if your organization chooses to increase the lockout period.
Additionally, you can manage your password by going to: My
Info > Password. A password can be changed once per day.4
Note:
| Important Information About Web Passwords |
These restricted special characters are not
supported. To avoid login issues please do not use these characters
when creating a new web password:- Apostrophe ‘
- Quotation Marks “
- Carat ^
- Ampersand &
Special characters supported:!
@ # $ % * ( ) < > / ? : ; [ ] { } , . | \ = + - _ / <space>
Do
not use a <space> at the end of any password, doing so will prevent
you from logging in.
|
About SSO Login
This application supports Single-Sign-On (SSO). SSO
setup login is dependent on the security.property file. which can
be set through:
- IDP (Identity Provider) only
- Both IDP and Web
If your database administrator chooses IDP validation only, the
application will prompt you to enter user credentials once, upon
success the user is presented with the Dashboard. The ability to
reset your password in this application will be ineffective. To
reset your password contact your system administrator for direction.
If an Administrator chooses both IDP and Web, the application
will prompt you twice for credentials via IDP, and again via this
application’s web login page. In this case, SSO validation is required,
followed by application validation, so the user sees SSO login,
then application login page and upon successful login the user is
presented with the Dashboard. Simply put, when the login page for
this application appears after IDP sign-in this means you have both
IDP and Web user validation, essentially two security layers before
system access, and the user can reset the password in the application.
Reseting the password when SSO is enabled can be tricky to the eye
because whether or not a user can reset the password directly in
the application depends on whether or not both IDP and Web validation
are enabled.
