Passwords
IBM TRIRIGA supports strong passwords. Using strong passwords lowers the overall risk of a security breach. Define your company's implementation in .
Initial password
When an administrator creates a new user in IBM TRIRIGA, the new user will receive an email with instructions on how to create an initial password. The instructions will direct the new user to the IBM TRIRIGA login screen, where the user must click the Forgot password? link to generate a temporary password for their initial login.
Authentication for new users
If a new user is created and defined with the login authentication type of TRIRIGA Authentication, then a notification informs this user that to access IBM TRIRIGA, the user must use the provided TRIRIGA link and instructions to set up the initial password.
Forgot password
In the IBM TRIRIGA login screen, there is a Forgot password? link. When this link is clicked, the user will be prompted for an email address. If the email address is associated with exactly one IBM TRIRIGA user, that user will receive an email containing a temporary password. The temporary password will expire after 5 minutes.
Administrators can configure the temporary timeout duration on the Password Setup page via
.Authentication after selecting the "Forgot password?" link
If a user with the login authentication type of TRIRIGA Authentication uses the Forgot password? link to change the password, then a notification informs this user to use the provided TRIRIGA link and temporary password to change the password.
Change password
From the IBM TRIRIGA header bar, in the user profile menu, there is a Change password button. When this button is clicked, a popup window will give the user the opportunity to create a new password. This popup window displays a certain set of rules that the new password must meet.
Administrators can configure the password rules on the Password Setup page via IBM TRIRIGA delivers a default set of password rules. Although the Password Setup page does not have an option to disable password rules, this page contains a Restore Default Rules link.
.Administrators can also send temporary passwords to one or more users from the Force Password Reset page via Send Temporary Password link. When this link is clicked, any users with a valid email address who are placed in the Reset Password query section will receive an email to reset their password.
. There is aCustom password rules
- Restore Default Rules
- This link does not remove any custom password rules. This link only applies to the default set of password rules that are delivered by IBM TRIRIGA.
- Existing Formulas
- This link displays all existing system and user formulas that are supported by TRIRIGA, which can be used as a guide to create a new formula expression.
- Validate Formula
-
This link checks if the formula in the Custom Password Rules Formula field is a valid expression. If the formula is valid, the section header turns green. If the formula is invalid, the section header turns yellow and displays an error message.
Note: Validation also occurs when the Password Setup page is saved. - Custom Password Rules Formula
-
This field is used to add custom password rules by using a TRIRIGA formula expression, similar to a formula expression that is entered into a custom switch task on a workflow. Administrators must have some knowledge of writing TRIRIGA formula expressions when they add a custom rules formula.
The custom rules formula must result in a Boolean output. All parameter variables that represent the password to be validated must be named
P
. All other parameter values must be hard-coded. The maximum character limit for the formula is 4000 characters.The following example defines that the password (P
) cannot contain a space ("password
" (case-insensitive).indexof(P, " ") == -1 && tolower(P) != "password"
- Custom Password Rule Requirements
-
This field is used to add a comma-separated list or a new-line-separated list of the rule requirement details that are defined in the above formula. The maximum character limit for this field is 1000 characters.
Each rule requirement will appear in the list of rule requirements that are displayed on the Create New Password screen via the Forgot password? link. Each rule requirement will also appear on the Create New Password screen via the Change password button from the IBM TRIRIGA header bar.
The following example corresponds to the above formula example by defining the text after "Your password must:" that is displayed on the Create New Password screen.not contain a space not be the word "password"
Password notifications
The "Initial password" and "Forgot password" notifications require IBM TRIRIGA environments to be configured for sending outbound mail.