A password policy helps protect users from fraud and breach of security.
In Book4Time you can choose to enforce a password policy and setup the password rules such as the password length, expiry period, and complexity.
Note: When a new user is setup, the user is prompted to change their password immediately after they first log into Book4Time.
To setup a password policy
- From the main menu, navigate to Admin > System Settings.
- Expand Global Preferences and click Password Policy.
The Preference Setup opens on the right side of the screen.
- Click Edit located on the top-right corner of the screen.
- Complete the following fields:
- Enforce password policy: Select the checkbox to ensure user passwords comply with PCI requirements.
- Minimum Password Length: Enter the minimum characters allowed in the password. For example, if you enter 8, the minimum characters permitted in a password would be 8 or more.
Note: The password length must be at least 7 digits.
- Password Expire Days: Enter how often passwords should expire.
Note: If the password can expire, the user will be prompted 14 days prior to expiration date.
- Password Reset Expiry (Hours): Enter the time (in hours) when a password reset link should expire.
- Minimum Password Complexity: Select the requirements of a password such as password must have one number and a letter or must have one upper case letter and a number.
Note: Passwords must be alphanumeric containing both alphabetic and numbers (i.e. ABCD123).
- # of Invalid Attempts Before Account is Locked: Enter the maximum number of access attempts a user is allowed before the user is locked out.
Note: After the invalid attempts, the user needs to wait 30 minutes before attempting to login again or contact their administrator.
- New Password Cannot Match Last Password: Enter the number of previous passwords that cannot be repeated when resetting or changing the password. For example, the new password cannot match any of the 4 previous passwords.
- Click Finish.