Can Neoserra users manage their own passwords?
Yes! But only if a Neoserra administrator allows it from the global configurations, as shown in the next graphic. In fact, there are many password settings that administrators can take advantage of to make password management (1) more convenient for users and (2) more secure. To access these settings from Neoserra, the administrator should be in administrator-mode and select Administration|Configuration|General Settings.
Each of the above-pictured settings is discussed next.
Allow user password change?
When the Allow user password change? configuration is set to "Yes," users can update their passwords at any time from their Neoserra preferences page
Note: This first setting must be active in order for the other password management settings to be available.
Allow user password reset?
When the Allow user password reset? configuration is set to "Yes," users that have forgotten their passwords can request a password reset from the login page. Neoserra requires that the user provide an e-mail address that matches an e-mail address stored in an active user account record as discussed in this FAQ.
User Password Expiration
Neoserra administrators can enforce auto-expirations of user passwords to reduce the chance of password compromise simply by entering a number of days into the User password expiration field.
You can enter "0" to indicate that you don't want the Neoserra user passwords to expire at all. You can enter "90" or "180" or any other number of days to force users to change their passwords every 90 or 180 days, respectively.
Users will need to change their password X days after their last password change. In other words, it is not 90 days after you edit this setting when a user will have to change their password. It will be 90 days after the last time THEY changed their password. Thus, different users will have different dates when they need to reset their password. If Jane reset her password on January 1st and the password expiration is set for 90 days, then she will need to reset her password on March 30th. John, on the other hand, who last changed his password on January 15th, won't need to change his password again until April 15th.
Users will get a warning 14 days prior to their password expiration that they will soon need to change their password. This is to ensure that they are not caught unaware of the pending password change requirement.
Minimum Password Length and Password Complexity
Neoserra administrators can force password strength by using the Minimum password length and Password complexity fields in combination. This setting will apply both to your Neoserra users and your eCenter Direct users (i.e. your clients). Clients signing up for services on eCenter Direct will be asked to create a password for themselves, and the password strength will be the same as the password strength you require of your Neoserra users. The automatic help will show them the specific requirements configured in your database:
The password expiration is not applied to your eCenter users.
Want more? Browse our extensive list of Neoserra FAQs.