Security>>Security Settings>> Password Configuration
Password Configuration
Access to HRplus is restricted through password control. Each user logs in with a user ID and password, which the application tracks. The strength and complexity of passwords are user-defined and affect the security level required for accessing HRplus.
Password Configuration Management: Setup, view, edit, and delete password configurations. This is the responsibility of the Database Administrator or Master User, who should:
- Plan and align security measures with company policies and goals.
- Implement policies to ensure all passwords are kept private.
Best Practices for Password Security:
- Passwords should never be written down or shared.
- Use random, non-common information (avoid using names, dates of birth, etc.).
- Passwords should ideally contain at least one special character, one capital letter, one number, and be at least 8 characters long.
Set up Password Configurations
Capital letter required: Select Yes if the password is required to contain a minimum of 1 upper case letter (A-Z). Otherwise, select No.
Change Default Password: Select Yes if the user is required to change their default password.
Common Letter required: Select Yes if the password is required to contain a minimum of 1 lower case letter (a-z). Otherwise, select No.
Number required: Select Yes if the password is required to contain a minimum of 1 numeric character (0-9). Otherwise, select No.
Password Expiry Date:
- If ‘Yes’ is selected, enter the number of days after which the Password will expire in the value field.
- If ‘No’ is selected, then the password will not expire i.e. it can be used as long as an employee remains a valid user.
Password Expiry In-App Popup Notifications: Select Yes if a pop-up message is required to prompt the user, on logon, to change his/her password. The message is displayed based on the number of days in the Value field.
Password Expiry Reminder:
- If ‘Yes’ is selected, enter the number of days in advance you wish the reminder to be sent to HRplus users in the value field. The reminder will be sent to the users’ email address.
- f ‘Yes’ is selected and no value is entered then, by default, the reminder will be sent via email 5 days before the password expiry date.
- If ‘No’ is selected, then no reminder will be sent to users. On the password expiry date, users will be prompted to enter a new password.
Password Length: Select Yes if the password must be at least 8 characters in length, but can be much longer. Otherwise, select No.
Password Reuse:
- If ‘Yes’ is selected, then users will not be able to reuse (re-enter) old (passwords that have been used before) or existing passwords.
- If ‘No’ is selected, then a user’s previous and current passwords can be reused any number of times.
Special Character Required: Select Yes if the user is required to contain a minimum of 1 special character. E.g. ~`!@#$%^&*()-_+={}[]|\;:"<>,./?. Otherwise, select No.
Two Step Verification:
- If ‘Yes’ is selected then:
- Enter the number of minutes after which the Two factor Token will expire, if the user does not login within this time.
- In addition to entering a password on the login screen, users will also be sent, via email, a PIN which is also to be entered .
In the example below, 10 minutes is entered. The first time a user logs in with their username and password, they will be prompted to enter the PIN sent via email.
- If the user does not enter this pin within 10 minutes from when it was sent, then a new pin will be required.
- If the user logs in successfully and then logs out, if they decide to log back in within the 10 minute period after the pin was sent, then they will not be asked to enter a new pin.
- If the user logs in successfully and then logs out, if they decide to log back in after the 10 minute period, then a new pin will be sent to their email address.
Once you have entered your chosen configuration options, click on the Submit button to save.
The HRplus app will be updated to always reflect the options that have been enabled (those for which Yes is selected).
0 Comments
Add your comment