Password Security allows users to set the security levels for both Mobile Users and Secondary Logins for both the website and mobile app. The security level can be set for the whole account, or can be broken down to User Group or individual Mobile User level.
Low Security | Medium Security | High Security | |
---|---|---|---|
What is the minimum length a password can be? | 2 characters | 6 characters | 8 characters |
Can the password be changed by the user? | Yes | Yes | Yes |
How many failed login attempts can there be before a user is locked out? | N/A | 5 | 3 |
How long before a password expires, and it needs to be changed? | N/A | 90 days | 60 days |
Will the user need to change their password after it has been changed by an administrator? | Yes | Yes | Yes |
Do the user need to change their password when logging in for the first time? | Yes | Yes | Yes |
Are there any restrictions on the password a user can use? | No | Yes - cannot use any of the 5 previous passwords | Yes - cannot use any of the 5 previous passwords |
The Security Level of a WorkMobile account can be set through the Settings page. All User Groups, Mobile Users and Secondary Logins that are created once the Account Security Level has been set will default to this Security Level. The Account Holder password will also be subject to the password policies of the selected Security Level.
Within each User Group there will be an option to select the Security Level. This level will then be applied to all Mobile Users within this User Group.
Mobile Users will, by default, inherit the Security Level of the User Group they are in. However, individual Mobile Users can have a different Security Level selected through the Mobile User Edit page.
The Security Level for a Secondary Login will by default match the level set for the Account Holder but similarly to Mobile Users, a different Security Level can be set for a Secondary Login when accessing the Secondary Login Edit page.
When moving a Mobile User into a new User Group, if the User Group has a higher Security Level than the Mobile User currently has then the Mobile User’s Security Level will be updated. If a Mobile User is moved into a User Group with a lower Security Level than their existing one, the Mobile User will keep the higher Security Level.
When accessing the edit page for a Mobile User or Secondary Login, portal users will be able to see a Consecutive Failed Logons counter. This number will increase with each failed login attempt until the user either: