The article is part of the Security & Permissions page.
The Passwords tab enables Admin Users to have more control over security by setting Password Parameters. These parameters enforce password requirements that Users must follow when creating their passwords.
A password can have up to seven different parameters required for each User, and every requirement will allow an Admin to choose which User Role that requirement is applied to by Primary Role. While an Admin may only set a few parameters for lower-level Primary Roles, they can have stricter parameters for higher-level Primary Roles. This allows an Admin's Password Policy to be customized for every type of User.
Security
The following Permissions are associated with the Password tab of the Security & Permissions page.
- Administration
- Password Policy
- View Password Policy
- Edit Password Policy
- Password Policy
Learn more about managing Permissions and Custom User Roles here. The Permission Access report can be used to determine which User Roles or Users already have these Permissions assigned. Learn more about User Setup and Security here.
Navigation
To navigate to the Passwords tab, hover over 'Administration' on the top ribbon, then the 'Users & Security' sub-menu, then click 'Security & Permissions'. A new window will open that displays Security & Permissions options.
Click on the Passwords tab to access Password Parameter options.
The Settings subtab of the User Roles tab can be used to view the existing Password Parameters by User Role. Learn more about the User Roles tab here.
Password Parameters
1) Minimum character limit - A minimum amount of characters required in a password. If toggled, the minimum character limit is between 1 and 20.
2) At least 1 uppercase letter - A minimum of one uppercase letter would be required for each password.
3) At least 1 lowercase letter - A minimum of one lowercase letter would be required for each password.
4) At least 1 number - A minimum of one number would be required for each password.
5) At least 1 special character - A minimum of one special character would be required for each password.
6) Force periodic password reset - An automated forced reset after a specified number of days.
7) Blacklist certain words - Certain words and numbers would be blocked from being used as part of a password. If toggled, the following options will appear:
1) Blacklist all usernames - The User's username will be blocked from being entered as part of their password. However, this would not block a User from using another User's username in a password.
2) Enter blacklisted words - A manual entry of any words or numbers that will be blocked from being used as part of a password. These must contain a minimum of three characters.
- To Add a Blacklisted Word: Enter the desired combination of letters and/or numbers, then click the plus iconto include each entry in the 'Blacklisted Word' grid.
3) Blacklisted Word Grid - List of all blacklisted words.
- To Delete a Blacklisted Word - Click the trash iconnext to the entry.
8) Apply Standard Policy - This button will generate a standard password policy when clicked. All parameters, except the preexisting 'Blacklisted Words', will be updated and can be further adjusted if desired.
Setting Parameters for Different User Roles
For each Password Parameter toggled on, a drop-down will display a 'User Role(s)' field that will be defaulted to all Users. This provides the option of making that parameter required for all Users or for certain selected User Roles.
When finished, click 'Save' on the top ribbon.
If the Admin is unsure of which parameters are set for certain Users, they can preview these requirements on the Settings subtab of the User Roles tab. Learn more about the User Roles tab here.
User Password Creation
When Users create their password, a listing of all the required parameters will be located below the 'New Password' field. As characters are typed in, the listing will display when each requirement is fulfilled. The User won't be able to save their new password until all required parameters have been met.
Updating Requirements
The Admin User can update the Password Parameters at any time. Whenever an update is made, the Admin will see a Confirmation message that has them confirm the changes made.
Users with changed requirements will see a 'Change Password' screen when they attempt to log in after the new password requirements have been saved. This forces Users to update their existing password by typing in their current password and entering in a new password using the requirements listed.
- Note: If a User has an existing password that meets the updated requirements, the User will not be prompted to update their password
On 06/01/2022 this article replaced documentation for the legacy 'Password Policy' page.