A standard password change form will look like this without the password generator:
With the password generator, the user will see this:
Users will be able to automatically generate and store new passwords with My1Login. In addition to this they don’t need to do this twice as at the same time the new password is saved with the respective third party website.
Password Options within the generator allow users to be able to change how their passwords generate by changing what characteristics, this includes:
- Requirement for Uppercase Characters
- Requirement for Lowercase Characters
- Requirement for Numeric Characters
- Requirement for Special Characters
- Length of Password
Forced Application Password Change
This feature allows admins to force users to update their passwords automatically either based upon age of when it was last changed or password strength requirements.
The My1Login team will configure a password change script on your behalf.
Enabling Forced Password Change
As an admin, you can enable automation around when a user has to change their password either time lapsed or by password strength requirements.
- In the admin portal, navigate to Apps | Applications
- Within Web Applications find the web app you wish to enable password change on and highlight it
- Click on the shield icon to view dialogue box:
- Forced Password Change successfully enabled:
- No Forced Password Change Script:
Setting Password Rules
Password policies set in My1Login should align with the minimum requirements of the third party application.
My1Login provides the following options for password rules within a password policy:
- Requirement for Uppercase Characters
- Requirement for Lowercase Characters
- Requirement for Numeric Characters
- Requirement for Special Characters
- Minimum Length
- Maximum Length
- Hide Updated Password From User
- Applies To All Users
- Disable Generic Password Change
- Force Expiry
- Enforce Policy Compliance
- Force Change On Next Login
- Allow Manual Password Update
Requirement for ““ Characters: The Requirements for characters specify their respective character type.
““ Length: Minimum and maximum length of the generated password.
Hide Updated Password From User: When a password is updated through the password policy, it can no longer be viewed in plain text by the user.
Applies to All Users: The policy is set to all users on the account.
Disable Generic Password Change: The password generator does not appear on the third party sites password change page.
Force Expiry: After a set number of days, the auto password change is ran for that user the next time they log into the site.
Enforce Policy Compliance: The policy settings for the required characters are guaranteed in the password generation.
Force Change On Next Login: The next time a user logs into the third party site, their password is changed via the password change page.
Allow Manual Password Update: Users are allowed to update their password using the password generator on their own accord.
Obscuring Passwords
With both automatic password change and with sharing credentials, passwords can be hidden from the user’s view. Within the password policy for automatic password change there is an option called “Hide Updated Password From User“, the next time users update their password, they will not be able to view the password.
My1Login's automatic password change functionality relies upon the third party site not changing the necessary links and structure