Password Recommendations and Information
This article defines strong passwords for users provides and context on the added Password Security settings in PantrySOFT.
Strengthen Your Passwords with Three Simple Tips:
The following information regarding strong passwords is from the CISA Website. To learn more, please access the following link: Use Strong Passwords
A strong password follows ALL THREE of these tips.
1. Make them long
At least 16 characters - longer is stronger!
2. Make them random
Two ways to do this are:
Use a random string of mixed-case letters, numbers and symbols. For example:
- cXmnZK65rf*&DaaD
- Yuc8$RikA34%ZoPPao98t
Another option is to create a memorable phrase of 4 – 7 unrelated words. This is called a “passphrase.” For example:
- Good: HorsePurpleHatRun
- Great: HorsePurpleHatRunBay
- Amazing: Horse Purple Hat Run Bay Lifting
Note: You can use spaces before or between words if you prefer!
3. Make them unique
Use a different strong password for each account.
For example:
- Bank: k8dfh8c@Pfv0gB2
- Email account: legal tiny facility freehand probable enamel
- Social media account: e246gs%mFs#3tv6
PantrySOFT Settings for Password Requirements
Description: For increased security options, settings have been added to configure User password strength.
- Users can find and change these settings under Setup > General Settings > Scroll down to the "Users" section.
- Users can hover over the "i" icon to get more information regarding each setting:
- The settings are:
- User Required Password Strength:
- Password Strength Guidelines are as follows:
- Password Strength Guidelines are as follows:
- Password Aging Expiry Period:
- This is the Number of days before a user is prompted to change their password upon logging in.
- If, for example, the expiry period is “365 days”, and the user logs in on day 366, they will be sent to the screen pictured below and prompted to reset their password.
- If, for example, the expiry period is “365 days”, and the user logs in on day 366, they will be sent to the screen pictured below and prompted to reset their password.
- This setting is Non-Blocking This means the User can navigate away from this screen without resetting their password.
- The User will, however, be sent to this screen every time they log in until their password is no longer “older” than the expiry period listed in that setting.
- This setting defaults to "0", meaning that it is disabled and will not prompt any User to reset their password.
- This is the Number of days before a user is prompted to change their password upon logging in.
- Number of Saved Password Hashes:
- When a user updates their password, this is the number of previous passwords the new password is checked against. If this says 8, the new password can not be one of the most recent 8 passwords this User has had.
- User Required Password Strength: