About the portals Set Password process

The SyteLine portals employ these password security protocols to help you safeguard user access:

  • Passwords are stored in an encrypted value
  • Forgotten passwords must be reset; we do not send reminders
  • Users are verified as the account owner before we verify that the account exists
  • Users are notified by email of all account changes
  • Users receive a unique reset URL rather than a temporary password
  • The reset URL includes a token that is generated randomly using a cryptographically safe algorithm; that is sufficiently long, to protect against brute-force attacks; and that expires after an administrator-specified period of time

This flowchart summarizes the Set Password process for new portal accounts (use case 1) and for existing accounts when the password has been forgotten (use case 2):

Set Password process