Password Settings
Configuring the domain-wide password settings
Last updated
Configuring the domain-wide password settings
Last updated
Overview
Network administrators have the capability to configure comprehensive domain-wide password policies to enhance security and streamline user management within their network. They can enforce strong password requirements, including minimum length and complexity criteria, to reduce the risk of unauthorized access due to weak passwords. Admins can also set default passwords for new users and establish a super password feature for troubleshooting and administrative tasks.
Additionally, they can define policies for handling failed authentication attempts, notify stakeholders about password-related events, and customize password reset pages to improve user experience and security awareness. These configurations collectively contribute to a robust security posture by ensuring that passwords are secure, policies are enforced effectively, and administrative tasks are streamlined within the network environment.
Network administrators can configure domain-wide password policies to enforce stronger compliance standards. These password settings are applicable to all new users who sign up or are invited to the domain, and when existing users request a password reset and change passwords.
Length of password: Select the minimum number of characters the password must have. Possible values are 4 to 20 minimum characters.
Complexity of password: Select the criteria which the password must meet or exceed.
Any character ok: The password can contain any character in uppercase, lowercase, numbers, and special characters.
Alphabet and number is required: The password can contain any character in uppercase, lowercase, special characters and MUST contain at least one number.
Alphabet, number and special character is required: The password can contain any character in uppercase, lowercase and MUST contain at least one number and one special character.
Uppercase, lowercase alphabet, number and special character is required: The password MUST contain at least one uppercase alphabet, one lowercase alphabet, one number and one special character.
Prevent password re-use: Enforce that users should not be allowed to re-use previously used passwords when resetting/changing their password. Possible values are 1 to 24 previous passwords cannot be re-used.
Auto-expire password: Select the number of days after which the users will be forced to change their password without any manual reminders from the network admins. Allowed values for password expiry are from 1 to 999 days. Leave the field blank to dis-able auto-expire.
For AD/LDAP users, the password policies and options specified in MangoApps are NOT applicable. Users synced via AD/LDAP must use the AD/LDAP provider to reset/change their password.
The complexity option selected will also be applied to the Super Password section.
Administrators can establish a default password for new users upon sign-up or invitation. This simplifies onboarding processes and ensures that all new accounts start with a secure initial password, enhancing overall domain security by reducing the likelihood of using weak or common passwords. Users will be required to change this password once they login.
SThe super password feature allows network administrators to log in as any user within the domain for troubleshooting or administrative purposes. This capability streamlines support activities and ensures that authorized personnel can access user accounts when needed, enhancing efficiency in managing user issues.
Enable Super Password: Mark the checkbox to enable the super password for your MangoApps domain.
Super Password: Enter the super password meeting the criteria selected in the Setup Password Properties drop-down. The system displays the check marks for the matching criteria as you enter the super password while creating it.
Confirm Password: Re-enter the super password.
The super password can be used to log in as a specific user even if they have never logged into MangoApps domain after invitation/sign up.
Network admins can choose to automatically suspend users after a certain number of incorrect password attempts. The user's account is deactivated for the specified period of time or until a network admin activates it again.
Consecutive Failed Attempts & Actions
Choose the number of consecutive incorrect password attempts and the action to be taken by the system for the user.
Number of attempts: Select the number of attempts to trigger the action to be taken for the failed password policy.
Action to take: Select the action to be taken after the specified number of failed password attempts.
Log Only: Only add a log entry for the incorrect password attempt(s) in the Security Log.
Log and suspend user for 1 min: Add a log entry and deactivate the user's account for 1 minute. The deactivated user is automatically activated after a successful login with the correct password.
Log and suspend user for 5 mins: Add a log entry and deactivate the user's account for 5 minutes. The deactivated user is automatically activated after a successful login with the correct password.
Log and suspend user for 10 mins: Add a log entry and deactivate the user's account for 10 minutes. The deactivated user is automatically activated after a successful login with the correct password.
Log and suspend user for 15 mins: Add a log entry and deactivate the user's account for 15 minutes. The deactivated user is automatically activated after a successful login with the correct password.
Log and suspend user for forever: Add a log entry and deactivate the user's account for forever. If selected, a network admin or a user's organization admin will have to manually activate the deactivated user.
By default, password-related email notifications are sent only to the user who requested a password change/reset. Network admins can choose to send email notifications to specific network users when a password change is requested in the domain.
Notify the following people when users request the forgot password email
Mark the checkbox to select the network users that will receive an email notification when any user requests a password reset by clicking on the Forgot Password link on the MangoApps Login page.
Notify the following people when users change their password
Mark the checkbox to select the network users that will receive an email notification when any user changes their password from their profile settings.
Send the password related notification emails to addresses entered in the following custom field for the user
Mark the checkbox and select the profile custom field (preferably a field which contains email addresses) specified in a user's profile to forward the email notifications for password reset requests and password changes. If multiple email addresses are added in the custom field, they MUST be 'comma' separated. The password notification emails will be sent to the configured addresses in addition to being sent to the user's primary email address.
Admins can direct users to a custom password reset page, enhancing user experience and security awareness by ensuring that password reset processes occur through a trusted and familiar interface. Customization of the reset page contributes to overall security by providing a seamless and secure method for users to reset their passwords.
URL: Enter the internal/external URL to the custom-built password reset page.
Save: Click the Save button to apply the selected password settings.