Reset User Password
The V1 functionally to Reset User Passwords has been added to V2. This functionality allows a user to set a new password for their account using Recovery Questions.
The Following Packages are required:
- CC-WEB-SureView-UI-1.4.23477.0 or later
The first thing that needs to be done in order to be able to reset your password is set the users personal UserRecoveryQuestions. These can be set by the user when they are logged using the following steps.
NavMenu > User Account > Security > Change Recovery Questions
The User must select 3 recovery questions from the dropdwns, enter their corresponding answers along with their password to confirm the changes.
(The Questions can be added or changed in the
UserQuestions table as there is currently no UI interface for doing so)
Once the user has set their Recovery Questions the user will be able to recover their account.
Note: All users will have their Questions set to NULL and will not be able to Reset their password until they set their Recovery Questions.
Resetting User Password
Provided the Requirements and Setup steps have been met the user will be able to reset their own password using the following steps...
On the login page click the Forgot Password? text
This will open up the Reset Password Modal where the user must first retrieve their user questions by entering in their username
If the user is not found or does not have their recovery questions set it will return an error.
Note: This error message is deliberately vague to help prevent brute force attacks
After entering their username the user will be be able to see their User Recovery Questions.
To Reset the user password the user must match the following steps.
- Answered 2/3 questions correctly.
- The New Password must match the Confirm Password field.
- The New Password meets the systems password complexity criteria.
Password Complexity checks:
|Enforce Complexity checks||157|
|Minimum Special Characters||264|
|Maximum Consecutive Characters||162|