Password Management tab

Use the Password Management page to configure requirements for users' passwords. These settings apply only to users who are considered Infor OS Portal identities, those users who are managed by the Infor OS Portal system.

Do not share passwords with others. Sharing credentials can lead to unauthorized access to an application resulting in unauthorized disclosure, modification, or destruction of data.

Do not reuse passwords across different Infor OS tenants. Each tenant should have it's own password. If your password is compromised for one tenant, your account can then be compromised for the other tenants.

The Password Management page has these options:

Option Description
Password Expiration You have the option to set the number of days before a password expires and require a new password. You can choose from 90 to 150 days. Enter 0 for the password never to expire.
Password length You have the option to set the length of the password - minimum 8 characters and a maximum of 15 characters.
Account locked attempts You can set how many attempts a user can sign in with an incorrect password before the account is locked. You can choose from 3 to 5 attempts.
Account locked time You can set the length of time a locked account stays locked before being automatically enabled. You can choose from 15 to 30 minutes. When the set time expires, locked users are automatically enabled.
Disable Inactive Users You can use this setting to disable a user if the user’s account is inactive for more than the specified days. You can choose from 30 to 120 days. A value of 0 means that the account will never be disabled due to inactivity.
Password History You can use this setting to restrict users from re-creating a password that was used previously. The allowed range is from 3 to 24. For example, if the value is set to 3, the user cannot reset the password with any of the last three previously used passwords.
Prohibit Password Reset You can use this setting to restrict a user from resetting a password until the time that is configured has elapsed. A value of 0 disables this setting. The allowed range is from 0 to 24 hours. For example, if the value is set to 3 hours, the user is unable to reset the password within a 3-hour time frame.
Enable Password Expiration Emails When enabled, users are sent an email 14, 7, and 3 days before their password expires.
Password cannot contain 3 or more consecutive characters. For example: abc, 123. When enabled, users are not allowed to create passwords that contain consecutive characters: 0-9, 9-0, z-a, and a-z.
Password cannot contain 3 or more consecutive repeating characters. For example: aaa, 111. When enabled, users are not allowed to create passwords that contain 3 or more consecutive repeating characters, such as aaa, bbb, ccc, 111. For example, the password PASSWORD11183748 would not be allowed when the feature is enabled.
Password cannot contain the following user attributes When enabled, the administrator can disallow users from including their first name, last name, username, and, or email address in their password.
Enforce custom forbidden password list When enabled, administrators can create their own custom library of forbidden passwords. Users are disallowed from creating a password that contains any of the listed forbidden words.
Enable Password Vulnerability Check When enabled, the user cannot create a password that has been previously compromised in known data breaches. This list of vulnerable passwords is not editable by the administrator.

You do not have the ability to set these password requirements.

Passwords must contain:

  • One uppercase letter
  • One lowercase letter
  • One number
  • One special character: ] [ ? / < ~ # ` ! @ $ % ^ & * ( ) + = { } | : " ; ' , >

Users are prevented from reusing their last three passwords.

Note:  The system invalidates existing sessions when users change their password by using the Recover Password page.