A user administrator sets the password when creating a user account, and users can update passwords at their discretion, as explained in This Article. But by default, there's no mandatory password change requirement. Here's where the Password Expiry feature becomes relevant.
It's an optional feature within the User Management section that includes:
- Automatic expiration of every user's password after a specified number of days.
- User dashboard notifications for users within 5 days of password expiration, encouraging a password change before expiry.
- User administrators can enforce immediate password expiry and change for:
- An individual user.
- All users within the company.
Enabling Password Expiry
To enable this feature:
- Head to the Global Settings tab within Company Settings > Company.
- In here:
- Password Expiry Enabled: Select this checkbox to enable the feature.
- Password Life Days: Set the number of days before a users password expires.
- Select [SAVE].
Once enabled, any password older than the Password Life Days setting will expire and the user will be prompted to change their password when next logging in.
Forced Password Expiry
When the Password Expiry feature is enabled, to force immediate password expiry:
- For an individual user:
- Access the user within User Management > Users.
- Select [EXPIRE PASSWORD] and confirm.
- For all users of the system:
- Navigate to User Management > Password Management.
- Select [EXPIRE ALL USERS PASSWORDS] and confirm.
The selected user passwords will be expired immediately and the users will be prompted to change their password when next logging in.