Passwords

Resetting a Password by a User

A user can request a password reset by selecting the Forgot Password? link when logging into Security Administration or selecting the Change Password link in the User Information section of their User Profile. After selecting a link, an email is automatically sent to a user with a link to set up a new password.

If a user has five failed login attempts, they will be locked out. The user must contact an Administrator. An Administrator can reset the password but they do not have access to a user’s password and cannot retrieve it.

Resetting a Password by an Administrator

If a user is locked or requests a password reset, go to the grid on the Users page and select the user. Select the Reset Password link. An email will automatically be sent to the user with a link to set up a new password.

  • Locked and Password Reset Pending are not available until after a user has registered.

  • Locked indicates a locked account. An account is locked after five failed login attempts, or two failed responses to challenge questions. Unlock the account prior to selecting the Reset Password link.

  • Password Reset Pending indicates an email was sent to a user to reset their password, but the user has not completed the reset. If the user does not reset their password within seven days, they must request a new password reset.

Password Requirements

  1. Passwords requirements include the following criteria:
    • Passwords must be eight characters long.

    • Passwords must contain three of the four character groups:
      • At least one uppercase character (A-Z)

      • At least one lowercase character (a-z)

      • At least one numeric character (0-9)

      • At least one special character, consisting of the following: ! " # $ % ' ( ) * + , - . /: ; = ? @ [ \ ] _ ` { | } ~

    • Passwords can only be changed once every 48 hours.

    • Passwords must be changed every 90 days.

    • A user cannot reuse their previous 6 passwords.