The security of your information is very important. So RFP360 gives your administrators tools to enforce corporate password rules.
If you are an administrator, you can configure the password rules (or edit them) through the Accounts page.
If you have multiple accounts in a hierarchy, select the top of the tree. If you have just one account, just select that one.
There are multiple tabs. Click on the Settings tab.
On the left-hand side, you'll see the Security Settings. You can set up the following:
- the Maximum unsuccessful login attempts before a user are locked out
- the Lockout time in minutes
- the Minimum password length (8 characters is pretty common for a minimum)
- the requirement for a Capital letter
- requirement for a Special character (a non-number or non-letter character)
- to enable the Password Reset frequency, click on the checkbox and the Frequency option is shown
- the Password Reset frequency in months
At the bottom of the page, you'll need to Save your settings.
When you Save, you can also choose to Apply these settings to all of the child accounts (if you have a hierarchy of accounts). You can also force users to Update their Passwords upon the next login. Once a user logs in, they'll be taken to a page to reset their password following your new settings.
When users log in next, if you have set the system to prompt enforcement, your users will have to reset their passwords. The rules you have selected are shown at the right.