Enhanced password settings and configurations are now available under the "Settings / Configuration" area. These optional features are often restricted to administrators of your CMS; if you have questions about them, feel free to reach out to Crownpeak support.
- Password Expiration - an administrator can turn on / off the expiration of the CMS users's passwords, as well as force a password expiration immediately for all users (this is by default turned off however, to prevent issues for your users). You can also configure the number of days prior to the password expiration when a user will be notified about the upcoming expiration. This notification will appear on the login screen.
- Password Re-Use - an administrator can also decide how many days, if any, that a password cannot be re-used as well as the number, if any, of previous passwords that can be re-used. Number of days that a password cannot be re-used is limited to 3 numerical digits.
How does password expiration and recovery work for end users?
- Password expiration - If your CMS administrator has enabled password expiration for your instance of Crownpeak, users will need to create a new password at some time in the future (which is determined solely by your CMS administrator or internal security policies). The CMS administrator has the ability to request that you are notified a certain number of days prior to the expiration date; if you find that this feature is not enabled, you should contact your administrator to request it. You will be notified when you login to the CMS but before you enter the application; you will have the option to create a new password at this point, or wait until it officially expires. If you wait until expiration, then you will be a slightly different notification prompting you to now create a new password. Once complete, you will be able to enter the Crownpeak application. Lastly, the "Remember My Login" option will not apply to these scenarios for security reasons; you will have to enter your newly created password once before the "Remember My Login" will take effect. Please note: you can always update your password and other account settings within Volte by selecting the "Welcome" area next to the search button, or by navigation to "Settings / Account" area.
- Password recovery - Although not a new feature, it is helpful to recount what happens for users who forget their password. The login screen has a link titled "Forgot Password." This can be used to create a temporary password; you must enter your email or username associated with the Crownpeak account. A temporary password will be send to the associated email account so that you may access the application in this manner.
- Temporary passwords - Please note that a temporary password used to reset or re-enable a user account will expire after one-time use, prompting the user to create a new permanent password before s/he can login to the application.