Skip to main content

Legal

Tax & Accounting

Trade & Supply

Risk & Fraud

News & Media

Books

Developers

Managing users

Set Password Requirements

Only a company system administrator can set up or change the company's requirements for passwords.
To set up Tracker account password requirements for your users:
  1. Select
    Settings
    in the left navigation.
  2. Under
    Security
    , select
    Password and Sign-in Options.
  3. Configure the password settings.
    More Information
    Field
    Description
    Authentication Method
    • Tracker
      -Users sign in to Tracker using a Tracker account.
    • OnePass
      -Users sign in to Tracker using OnePass.
    • B2C
      -Users sign in to Tracker using the B2C tenant authentication framework.
    • OnePass SAML
      -Users sign on with OnePass that uses SAML single-sign on.
    Enable Strong Authentication For Firm Users
    Check this box to require firm users to use OnePass with multi-factor authentication (MFA) to log on to Tracker. When this box is checked, users attempting to log on to Tracker are directed to the OnePass MFA screen and must enter additional credentials to log in.
    Password Expiration
    Select how often user passwords should expire. If you change from
    Never
     to a specific number days, Tracker begins counting the number of days from the date you change the setting.
    Minimum Password Length
    Enter the minimum number of characters needed for a password. This setting applies to Tracker accounts, including web services accounts.
    Tracker requires at least eight characters.
    Minimum Password Complexity
    You can require that passwords contain a combination of lowercase, uppercase, numeric, or special characters. Next to the
    Minimum Password Complexity
     field, enter a number to require passwords contain a minimum number of these. For example, 2 in this field would require user passwords to contain at least two of these. A password with at least one lowercase alphabetical character and one numeric character would qualify, as long as it had the required minimum number of characters. A 4 in this field would require user passwords to have at least one lowercase, one uppercase, one numeric character, and one special character.
    This setting applies to Tracker accounts, including web services accounts.
    Account Inactivity Lockout
    This field lets you set the number of days that must pass without sign in activity before a user is locked out of Tracker.
    Failed Login Attempts
    Enter the maximum number of consecutive failed sign in attempts that can occur before a user is locked out of Tracker.
    Length of lockout
    Enter the number of minutes a user is locked out of Tracker after too many consecutive failed sign in attempts have occurred.
    IP Source Confirmation Required
    Select whether IP source confirmations are required.
    Unlock Account Settings
    Enter the amount of time users with locked accounts have to re-activate their account before it becomes inactive again. The default unlock duration is 24 hours. Choose a setting that gives users ample time to unlock their accounts.
    More Information
    The process to verify the unlocked accounts expiration runs every 2 hours. For example, if an account was unlocked at 2:00 pm today, and the unlock duration is 24 hours, the user has until the first job that runs after 2:00 pm tomorrow to log in and unlock the account. If the user does not log in within that time, the account will be locked with the first job that runs, which would be between 2:00 pm and 4:00 pm.
  4. On the toolbar, select
    Save & close
    .
You can set both the permissible number of characters and the level of complexity required for your user's password requirements.
Passwords can be set to expire after a given time period by selecting the appropriate length from the drop-down list. At the end of the time period you choose, users will be required to select new passwords the next time they sign in to Tracker. Tracker will reject any passwords that have been used by the user in the last 365 days.

This article applies to:

  • Product: Legal Tracker
  • Subject: Password
  • Audiences: Company