Versions Compared

Version Old Version 16 New Version 17
Changes made by

Mark Holland (Unlicensed)

Mark Holland (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Policy Details

InTime

The password policy is set for the whole Agency

The password must be between 8 and 50 characters long and contain at least three of the following:

  • Numbers

  • Upper case letters

  • Lower case letters

  • Symbols

 Passwords cannot contain:

  • Spaces

  • Alphabetical sequences

  • Numerical sequences of length 3

  • Qwerty keyboard sequences

  • Four repeated characters

  • Accented letters, e.g. á é

  • The following characters: £ ¬ € < >

Note:

  • The number of days that a password is valid for is defaulted to 90days, after this period it must be changed.

  • Accounts are locked after 5 failed attempts



InPay

The password policy is set for each customer and can be overridden based on role.  As part of the configuration you can specify

  1. The minimum length of the password (default 8)
  2. Whether it must include both a number and a special character (default yes)
  3. The number of days that a password is valid for.  After this period it must be changed (default 90)

Note:

  • Accounts are locked after 6 failed attempts.
  • Non Self Service accounts are disabled if the user has not logged in for 70 days

 

Client Portal

  • Minimum length 6
  • Contain at least 1 number, 1 upper case character, 1 lower case character, 1 non alphanumeric character
  • Expires after 91 days

 


UPDATE - 26 May 2016 - Password Expiry

User passwords now expire every 6 months. On login they will be prompted to change their password (this does not affect Single Sign On/Web Services users). You will not be able to Switch To users that have not  yet logged in or whose password has expired.

UPDATE - 26 May 2016 - Maximum Login Attempts

User accounts are now locked after 5 failed login attempts. The user is prompted to contact their administrator to unlock their account. To unlock a user's account, in the Profiles menu, select Unlock Account. Enter the user's username and click Unlock.

...

Alternatively, to unlock a user's account, in the Profiles menu, select correct user level (manager, consultant etc) and do a search for the user. Check the select box next their name and click Unlock Accounts. Note, this method can be used to unlock multiple accounts at the same time.

Impersonating Users

Providing you have the Get Passwords role, when viewing a worker/manager you will see a Switch To User action in the top corner of the user details page as shown below.

...