Resolution:
Ajera 8.10 will be improving the way user security will be handled, starting with more industry standard password protection. All Ajera users will be prompted to change passwords at the first log into 8.10 if the user's current password doesn't meet the new requirements.
The new requirements include:
- Minimum of 8 characters
- An upper- and lower-case letter
- A number
- A special character
SaaS Customers:
The password will be required to be reset after 120 days. When the password has expired, the employee will be prompted to create a new password when logging in. This setting cannot be changed.
On Premise Customers:
- The password will be required to be reset after a period of time.
- The reset time is defaulted to every 90 days but can be reset to 30, 60, 90, or 180 days.
- As of version 8.10.03, passwords can be set to never expire.
- To change this setting: Go to Company > Preferences > System Settings tab.
- When the password has expired, the employee will be prompted to create a new password when logging in.
- It is recommended that users change passwords to meet the new requirements before downloading the new release.
FAQ:
- An employee's new password cannot match any of the previous 12 passwords used.
- If an Administrator changes an employee's password in Setup > Employees, the employee will be prompted to change it at the next login.
- If an employee attempts the wrong password 6 times, a 10 minute lockout will occur.
- If a login is attempted during this 10 minute period, the timer will be reset.
- If an employee uses Mobile Timesheets only (never logs into the main Ajera site), the new password requirements will not apply to them.
Knowledge Base Reference Number: KBA #85800