OneStop have introduced a new password policy in ComPay.
This will increase our level of security and comply with PCI compliance.
This behaviour is for all ComPay access levels; Master Administrator, Administrator and User access levels.
Forgot Your Password?
This new function allows the user to reset their own password.
Select the 'Forgot your password?' link - which is highlighted in the below screenshot.
The link will direct the user to a new page. (highlighted below)
Enter in your Client ID and User Name and press the Submit button.
The following will then take place:
- The user will automatically be redirected back to the ComPay login page
- An email will be sent to the email address that matches the input parameters. It will include a specific URL and 'Reset Password' link, which will direct the user to a seperate screen to allow them to reset their password.
NOTE: There is a 'Back to login page' link to redirect the user back to the ComPay login page.
Below is an example of the 'Reset Pasword' email that is sent to the user.
Once the user selects either links in the above email - they will then be directed to a separate page. (screenshot below)
The user will fill out these fields and then select the Submit button - they will then be logged in automatically.
The new password will need to meet the following minimum requirements:
- Minimum 7 character length password
- Use at least 1 numeric value
- Must not be the same as the previous 4 passwords that you have used
- The special characters are also permitted under the following conditions ! @ # $ % & * + = ; ? ~ - _ :
Failed Log In Attempts
If there are several unsuccessful log in attempts then the following behavior will be executed:
3rd log in attempt: A pop-up message will be displayed to suggest using the 'Forgot your password' link
5th log in attempt: A pop-up message will be displayed to warn the user that their account will be locked for 30minutes on the 6th log in attempt
6th log in attempt: The URL will be disabled and the users account will be locked for 30minutes. Or they can request for their Master Administrator or Helpdesk to unlock their account.
Change Password
This new function allows the user to change their password after they have logged into ComPay.
The 'Change Password' link will be shown in the red banner, on the right hand side. (highlighted below)
This link will direct the user to a separate page, which will allow them to enter in the following details:
Current Password
New Password
Confirm New Password
NOTE: The Current and New password will be different.
Password Expiry - Before 90days
14days before their password expires, the user will be notified (via a pop-up message) that their password will expire when they log into ComPay.
The OK and CANCEL options will be shown. (screenshot below)
When you select the OK button, the following screenshot is shown.
This allows the user to change their password.
NOTE: When the CANCEL button is selected, the user will then be logged into ComPay directly.
Password Expiry - After 90days
The users password will expire after 90days.
If the user has not change their password before 90days, then they will be forced to change their password after the 90days has lapsed.
The following pop-up message will be shown and the user will automatically be directed to the change password screen.