Policy Details

RSM InTime

The password policy is set for the whole Agency

The password must be between 8 and 50 characters long and contain at least three of the following:

• Numbers

• Upper case letters

• Lower case letters

• Special characters

 Passwords cannot contain:

• Spaces

• Alphabetical sequences

• Numerical sequences of length 3

• Qwerty keyboard sequences

• Four repeated characters

• Accented letters, e.g. á é

• The following characters: £ ¬ € < >

Note:

• The number of days that a password is valid for is defaulted to 180 days, after this period it must be changed.

• Accounts are locked after 5 failed attempts

InPay

The password policy is set for each customer and can be overridden based on role.  As part of the configuration you can specify

1. The minimum length of the password (default 8)
2. Whether it must include both a number and a special character (default yes)
3. The number of days that a password is valid for.  After this period it must be changed (default 90)

Note:

• Accounts are locked after 5 failed attempts
• Accounts are disabled if the user has not logged in for 70 days
• Passwords cannot contain common words or number sequences (123456, abc123, password, qwerty...)

 Payslip Portal

The password policy is set for each customer and can be overridden based on role.  As part of the configuration you can specify

1. The minimum length of the password (default 8)
2. Whether it must include both a number and a special character (default yes)
3. The number of days that a password is valid for.  After this period it must be changed (default 90)

Note:

• Accounts are locked after 5 failed attempts
• Passwords cannot contain common words or number sequences (123456, abc123, password, qwerty...)

Client Portal

• Minimum length 8
• Contain at least 1 number, 1 upper case character, 1 lower case character, 1 non alphanumeric character
• Expires after 91 days
• Locked after 5 failed attempts
• Disabled if no login within 6 months