Pentana Risk Site Admins can configure several rules for password validity and expiry. These are set in the Browser application but will also apply to Classic logins and User access.
- Setting up Password Admin Rules
- Password Format Rules
- Password Expiry Rules
- Resetting User Passwords
- Problems with Resetting Passwords
Setting up Password Admin Rules
In the Browser application, click on the ‘Go To..’ menu and select ‘Site Admin’ then ‘General Site Options’. In the menu on the left, there is a section on passwords:
Click on the ‘Passwords’ heading to edit these options:
Password Format Rules
Site Admins can set several rules for new passwords. More information can be found in the Online Help. These options include:
- Minimum length
- Numbers and letters
- Upper and lowercase characters
- Special characters
Password Expiry Rules
Site Admins can define when they want passwords to expire. 90 days is the recommended value to ensure that Users are protecting their login details.
An additional option is given to warn Users to alter their passwords ahead of this schedule. They will see this when they login.
Resetting User Passwords
Passwords can be reset in four ways within the system:
Direct password change. This is initiated in the User Notebook, from the User menu.
The logged in User needs to hold either the ‘Site Admin’ or ‘Users Create’ permissions to access this option; their password is required to confirm the change, and any password requirements are displayed in the modal.
Force Password Change tool. This is found in the User notebook menu and will force the User to change their password on next login. This option is available for Site Admins only. Do not use this option for Users whose passwords have already expired.
Via the ‘Forgotten Password’ tool. This is accessible to end users on the login page.
This will prompt the system to send an email to the Users registered email address (so it is important to ensure these are kept up to date).
Via the ‘Send First Time Log in email’ tool. This option is available to Users with the ‘Users Create’ permission; it sends an email detailing login information and the ‘Forgotten Password’ link so that the end User can reset their password.
Problems with Resetting Passwords
Users may experience issues using the ‘Forgotten Password’ tool (directly, or via the ‘First Time Login’ process. This is due to one of the following:
- Their User profile doesn’t have a valid email address against it.
- Their email address has been used against multiple Users in the system.
In this instance, a Site Admin with access to the system can help them identify these issues by checking their User notebook or running a User report listing email addresses.