Implementing a password policy is a great step towards securing your application's login process! It enforces the use of strong passwords, which can significantly reduce the risk of unauthorized access.
We have provided access in Paybooks to set up your password policy based on your Company Infosec rules.
This option is available for the following roles:
• HR
• Finance
• Auditor
• ATT Admin
• Customer Admin
On the Home page click “Settings”.
Click “Configure rules”
Click “Password policy”
Enter the “Password Age”.
You can set the password age, i.e. for how many days the password will be valid.
If you set it for 10 days, the password will expire after 10 days, and you will be prompted to change the password.
If you set it for “0” days, then there is no restriction on the password age and the password will not expire.
By default, it will be “0”.
Enter “Number of previous passwords which cannot be reused”.
If you enter 4, then you cannot use 4 previous passwords i.e. the system will restrict you from using 4 passwords that were previously used.
If you enter “0”, then there is no restriction on the usage of the previous passwords.
By default, it will be “0”.
Please note that you must update the Password age and “Number of previous passwords which cannot be used” in numbers.
You cannot enter any non-negative numbers or alphabets.
Click “Save”.
Once your password expires based on the number of days entered in the settings, you will be redirected to the password expiry page.
There is a message that your password has expired, and you need to change the password, and a verification link to change the password has been sent via email.
Upon receipt of the mail, please click the link provided “Click here”.
You will be prompted to update the following:
Old Password
New Password
Confirm Password
Hint Question and Answer.
You should enter unique passwords.
Once the unique password is entered, it will redirect to the dashboard page.
Once you change the password, the link will expire.