PECOS Admin » 4. Organisations » 4.3 Company Settings » 4.3.3 Password Rules

4.3.3 Password Rules

The Company Settings screen allows you to set up Password Rules for your system.
fig 4.8.png

Password Generation

A password is created and assigned to a user when a new user profile is created and a password is changed when an existing user has their password reset. There are two options for defining how that password is generated:

  • Set to User ID: PECOS will set user’s passwords to be the same as their user ids. An eMail will not be sent to the user informing them of their password and they will not be required to change it when they log in for the first time. or
  • System Assigned: PECOS will automatically generate a user password using random numbers and letters. The user will be sent an eMail (to their organisational eMail account using their user profile eMail setting) containing their password. The user will be forced to change their password when they first login.

Where system assigned passwords are generated, an eMail will be sent to the user to notify them of their new password. This eMail will also contain the user’s login id and system URL. Users will change these passwords once they have logged in (using their new password): PECOS will navigate the user directly to the ‘Change Your Password’ screen and force the change.
Fig 4.9 - System assigned eMail body text.png
To add to the text sent in these notification messages see: Notification Messages.

Password Format

In addition to selecting a password generation option, you may optionally select password formatting rules. These rules will operate irrespective of the generation option selected above and all or some may be set:

  • Number of days a password remains valid – this numeric field enables passwords to expire after the number of days entered.
  • Password expiration warning message – the system will display a password expiration message on the login page, from the number of days entered up to and including the date it expires.
  • False attempts allowed – the system will disable a user ID after the number of failed login attempts entered here. A locked user must contact their system administrator to have their password reset.
  • Previous passwords validated for uniqueness – the system will validate a new password for uniqueness against a number of previous passwords. Enter the previous number of passwords to be used to validate the new password here.
  • Minimum password length – allows administrators to enforce a minimum password character limit. The system default and minimum is 6.
  • Enforce use of numbers and letters – If set to ‘Yes’, requires that new passwords contain at least 1 numeric and 1 alphabetic character in addition to requiring a minimum field length requirement.

Configuration Tip

When new users are being created it is a good idea to select the password generation option of setting passwords to be the same a user id’s. In this way configuration and communication can be better managed. After the users are created, the password rule may be changed to system assigned, thereby forcing users to change their password when they first login.

Marketplace Configurations

Password Rules options may not display if your PECOS P2P site is integrated within a Marketplace (and your instance is installed as a ‘Marketplace P2P’) or if PECOS is incorporated within a Single Sign On solution. The ‘Reset Password’ button is also removed from the User Profile > User Information screen. In such a configuration users and their passwords are managed in the marketplace administration portal.

Navigation


P2P  Overview

P2P  Procurement

P2P  Admin

P2P  Approvals

P2P  Reports

P2P  Mobile

P2P  Documents

Using Online Help


Selective Export


© 2021 Elcom International, Inc. All rights reserved.