Password Settings

Configuring the domain-wide password settings

Overview

Network admins can configure the domain-wide password settings including password strength required, auto-expiry of password and more

Setting Up Password Strength

To help enforce stronger compliance requirements in your company, network admins can configure the complexity of the passwords using the password properties settings.

Admin Portal > Security > Password Settings > Setup Password Properties
  1. Length of password: Select the minimum number of characters the password must have. Possible values are 4 to 20 minimum characters.

  2. Complexity of password: Select the criteria which the password must meet or exceed.

    • Any character ok: The password can contain any character in uppercase, lowercase, numbers, and special characters.

    • Alphabet and number is required: The password can contain any character in uppercase, lowercase, special characters and MUST contain at least one number.

    • Alphabet, number and special character is required: The password can contain any character in uppercase, lowercase and MUST contain at least one number and one special character.

    • Uppercase, lowercase alphabet, number and special character is required: The password MUST contain at least one uppercase alphabet, one lowercase alphabet, one number and one special character.

  3. Prevent password re-use: Enforce that users should not be allowed to re-use previously used passwords when resetting/changing their password. Possible values are 1 to 6 previous passwords cannot be re-used.

  4. Auto-expire password: Select the number of days after which the users will be forced to change their password without any manual reminders from the network admins. Allowed values for password expiry are from 1 to 999 days.

  5. Save: Click the Save button to apply the selected password settings.

For AD/LDAP users, the password policies and options specified in MangoApps are NOT applicable. Users synced via AD/LDAP must use the AD/LDAP provider to reset/change their password.

The complexity option selected is applied to the 'Super Password' as well.

The password settings are applicable to all new users who sign up or are invited to your MangoApps domain, and when existing users request a password reset and change passwords.

Setting Up the Super Password

Super password allows network admins to login as any user in the domain. With a user's login ID and the super password, network admin can login as that specific user.

Admin Portal > Security > Password Settings > Setup Super Password
  1. Enable Super Password: Mark the checkbox to enable the super password for your MangoApps domain.

  2. Super Password: Enter the super password meeting the criteria selected in the 'Complexity of password' drop-down. The system displays the check marks for the matching criteria as you enter the super password while creating it.

  3. Confirm Password: Re-enter the super password.

  4. Save: Click the Save button to apply the selected password settings.

The super password can be used to log in as a specific user even if they have never logged into MangoApps domain after invitation/sign up.

Setting Up the Failed Password Policy

Network admins can choose to automatically suspend users after a certain number of incorrect password attempts. The user's account is deactivated for the specified period of time or until a network admin activates it again.

Admin Portal > Security > Password Settings > Failed Authentication Attempt Policy
  1. Consecutive Failed Attempts & Actions: Choose the number of consecutive incorrect password attempts and the action to be taken by the system for the user.

    • Number of attempts: Select the number of attempts to trigger the action to be taken for the failed password policy.

    • Action to take: Select the action to be taken after the specified number of failed password attempts.

      • Log Only: Only add a log entry for the incorrect password attempt(s) in the Security Log.

      • Log and suspend user for 1 min: Add a log entry and deactivate the user's account for 1 minute. The deactivated user is automatically activated after a successful login with the correct password.

      • Log and suspend user for 5 mins: Add a log entry and deactivate the user's account for 5 minutes. The deactivated user is automatically activated after a successful login with the correct password.

      • Log and suspend user for 10 mins: Add a log entry and deactivate the user's account for 10 minutes. The deactivated user is automatically activated after a successful login with the correct password.

      • Log and suspend user for 15 mins: Add a log entry and deactivate the user's account for 15 minutes. The deactivated user is automatically activated after a successful login with the correct password.

      • Log and suspend user for forever: Add a log entry and deactivate the user's account for forever. If selected, a network admin or a user's organization admin will have to manually activate the deactivated user.

  2. Save: Click the Save button to apply the selected password settings.

Setting Up the Password Change Notifications

By default, password-related email notifications are sent only to the user who requested a password change/reset. Network admins can choose to send email notifications to specific network users when a password change is requested in the domain.

Admin Portal > Security > Password Settings > Password Changes
  1. Notify the following people when users request the forgot password email: Mark the checkbox and select the network users that will receive an email notification when any user requests a password reset by clicking on the Forgot Password link on the MangoApps Login page.

  2. Notify the following people when users change their password: Mark the checkbox and select the network users that will receive an email notification when any user changes their password from their profile settings via the User Portal > User Portal profile drop-down > Change My Settings > Password.

  3. Send the password related notification emails to addresses entered in the following custom field for the user: Mark the checkbox and select the profile custom field (preferably a field which contains email addresses) specified in a user's profile to forward the email notifications for password reset requests and password changes. If multiple email addresses are added in the custom field, they MUST be 'comma' separated. The password notification emails will be sent to the configured addresses in addition to being sent to the user's primary email address.

  4. Save: Click the Save button to apply the selected password settings.

Password Reset Notification Email Preview
Password Changed Notification Email Preview

Setting Up the Custom Password Reset Page

Network admins can choose to redirect users to a custom-built password reset page when users request a password reset by clicking on the Forgot Password link on the MangoApps Login page.

Admin Portal > Security > Password Settings > Password Reset Page
  1. URL: Enter the internal/external URL to the custom-built password reset page.

  2. Save: Click the Save button to apply the selected password settings.

Did this article help? Your feedback adds value when we shape up the help articles. Hit the smileybelow to let us know!