Password Policy
|
The system configures all available password fields (such as TenantEmailConfiguration and TenantEmailMailbox to be of password field type. You can only define one password policy for a tenant; therefore, the password policy must accommodate all the various password values configured in the tenant. |
Setting the Password Policy
Use the Password Policy page to manage the password policy for each tenant.
| 1. | Within the Configuration console, open the Password Policy workspace. The Password Policy page appears. |
| 2. | Enter information into the fields. |
--fields--
| Field | Description |
|---|---|
| User Passwords Expire in | Number of days before the password must be changed. |
| Minimum Password Length | Minimum length for passwords. |
| Password Complexity |
Specifies the password complexity requirements for system users:
|
| Allow Forgot Password Request | Adds a link to the application login page where users can request a new password. |
| Forgot Password Email Subject | The contents of the subject line of the Forgot Password email. |
| Forgot Password Letter Template |
The text of the Forgot Password email. Include the ($TempInternalAuthPassword) string used to generate a temporary password. The temporary password expires within 3 days of the password request. |
| 3. | Click Save Policy. |
After updating the policy, the system sends an error message if a user tries to change a password to one that does not meet the updated password policy. The policy is enforced on password changes, not for previously existing passwords.
Changing User Passwords
When a user changes a password in the system, HEAT checks the password against current password policy requirements. If the new password does not meet the requirements, an error message appears.
Users can change their password from any of the following places:
- From the login ID menu in the Service Desk Console.
- From the Employee workspace. See Using Employees.
- From the Forgot password link on the Login page.
