Loading...

Passwords for Public Facing Applications

Comments

11 comments

  • Sean Tame

    Can you please explain what password a customer has post v20.9 if they had different passwords in v19 and v20 prior?

  • Sara Noonan

    HI Sean - 

    In 20.90, passwords for public users are now housed in EV870.  So, after resetting the password, I would expect that public users would use the same password for both v20 and iEBMS public-facing applications.  Let us know if that's not what you're seeing.

  • Are you sure they're not now housed in EV865 Sara? (This is certainly where the iEBMS passwords now live).

  • Sean Tame

    Not exactly.

    I am on 20.8 and a customer has both iEBMS and v20 public profiles with different passwords.

    I upgrade to 20.9 - what password does the customer use?  Their iEBMS or v20 password? Or all passwords are null and void and they have to re-set?  It is important to know what the customer should expect.

    Thanks.

  • Sara Noonan

    This is one of those cases where I was completely confident in an incorrect answer!  Sorry for any confusion. 

    In 19.90 and 20.90, passwords ARE stored in EV865.  If an organization upgrades to 20.90, a public user attempting to hit an external link for the first time will need to reset their password.

  • Rob Bodart

    Are there special characters that are not permitted?  If so, is there documentation on special characters not allowed.  I just had an internet user that was changing their password to something containing # and *

    After changing, it did not recognize the new password.  Finally resolved it by having them change to a password without special characters in.

  • John Padgett

    Hi Rob,

     

    I spent some time talking to devs about this. For security purposes, there are characters that can't be accepted in passwords, though there doesn't exist a "master list" that we can publish. That being said, I would like to know what application you were using when you ran into this problem; bad passwords should never be accepted. Please let me know and I'll be happy to follow up with further information.

     

    John P

  • Rob Bodart

    This was encountered on a Calendar of Events (COE) log in.  The COE was not recognizing a previous password.  I walked the user through the "Forget your password? Click here" functionality on the COE sign in page.  The user entered a new password, and the application accepted it.  When the user tried to sign on with the new password, it kept saying the password was incorrect.  I then replicated on a second account with the same password.  Again, it allowed me to change the password but did not recognize it.  Tried this a few times.  Eventually, I tried removing # and * from the password.....and then it worked.

  • Maggie U.

    Hi Rob,

    I have created a ticket on your behalf for the situation you just described. Our Client Care Team will follow up with you. 

    Thanks,
    Maggie

  • Timothy Dickson

    Any update(s) on this?  I saw just now (while testing a new ESC) where a user had to change passwords when trying to log into the new ESC application. 

    So, are there any password requirements that we have to prepare the users for once we switch?

  • Sam Wilson

    Hi Timothy,

    Current versions of ESC should honor existing "legacy" iEBMS passwords. 

    An additional item to consider is that current ESC utilizes a Public Sign In Configuration instead of an iEBMS Logon Configuration. The Public Sign In Configuration can be used in conjunction with a Public Password Scheme (although a scheme is not required). A password scheme can be configured to have a password expiration period. It is possible this is in place and the user's password has legitimately expired according to the configured scheme.

    However, if you are finding instances where an existing password is clearly not working where you would expect, please submit a case so our developers can take a look. 

    Regards,

    Sam

Please sign in to leave a comment.