Users & Passwords
What are the length and complexity requirements on passwords?
Passwords must be a minimum of 8 characters, including at least one alpha, one numeric, and one symbol, with no spaces.
How long before passwords expire?
Passwords never expire. This is in line with current UK government advice and compliant with PCI for a system where users have no access to card data.
How many incorrect login attempts before users are locked?
A user is locked out after 5 failed login attempts.
Once locked how can a user be unlocked?
A user can be unlocked by an administrator or by using the password reset email functionality, AKA 'Forgotten Password?'.