Admin: Password Policy - Security for Division Organizations

On the Organizations page at the division level you can configure nVoq password security settings for client-only accounts that do not have an Admin Role. 

Accounts with an Administrator Role of any kind automatically adhere to settings listed under Password Security Settings for Accounts with an Administrator Role.  

Password Strength

This parameter configures the minimum password complexity required for users to log in with an nVoq password. The range is from weak to strong. A stronger password strength increases password security.

• Strong: Requires at least 8 characters and must contain lowercase, uppercase, number, and a symbol.
• Medium: Requires at least 7 characters and must contain a letter and number.
• Weak: Requires at least 1 character. 

Default Division Settings:

• Customer Care = Medium
• Healthcare = Weak

Reset on Initial Sign In

This parameter configures whether users are required to enter a new password the very first time they log in OR after a password reset. Slide this toggle to off (white) to disable the requirement.

Default Division Settings:

• Customer Care = On (blue)
• Healthcare = Off (white)

Password History

Enabling password history prevents a certain number (see History Count below) of previous passwords from being reused. Slide this toggle to off (white) to allow users to re-use passwords anytime.

Default Division Settings:

• Customer Care = On (blue)
• Healthcare = On (blue)

History Count

The History Count configures the number of previous passwords that cannot be reused. A history count of "1" means user cannot reuse the current password. A history count of "5" means the user cannot reuse the current password or the four previous passwords. 

Default Division Settings:

• • Customer Care = 5
  • Healthcare = 1

Lockout

When this toggle is on (blue), the system will automatically lock a user account after a certain number of failed login attempts (see Maximum Failure). When this toggle is off (white), the user has unlimited login attempts. When an account is locked it is unavailable for 15 minutes or until the password is reset. If the user attempts to login again without resetting the password during the 15 minute lockout period, the timer is reset and another 15 minute lockout begins. The user's number of failed login attempts resets to zero when the user changes their password or logs in successfully. It does NOT reset after the 15 minute account lockout period expires.

Default Division Settings:

• Customer Care = On (blue)
• Healthcare = On (blue)

Maximum Failure

This parameter sets the number of failed log in attempts a user can make before the system temporarily locks the account. This number applies to all log in attempts across products (e.g. nVoq.Voice, nVoq.Administrator, nVoq Wireless Microphone, etc.) on the same system (e.g. healthcare.nvoq.com). For example, if the user tries to log in 3 times (unsuccessfully) to nVoq.Voice and then tries (unsuccessfully) to log in to nVoq.Administrator 2 times, the user would then have 5 failed log in attempts. If the Maximum Failure for the account is set at 5, the account would be locked for 15 minutes. The number of failed login attempts resets to zero when the user changes their password or logs in successfully. It does NOT reset after the 15 minute account lockout period expires.

Default Division Settings:

• • Customer Care = 5
  • Healthcare = 15

Password Expiration

When this toggle is on (blue), this parameter configures password expiration and requires passwords to be reset after a certain number of days (see Maximum Age below). When this toggle is off (white), passwords will never expire.

Default Division Settings:

• Customer Care = On (blue)
• Healthcare = On (blue)

Maximum Age

This parameter sets the number of days that an nVoq password will be valid. After the number of days entered in this box, the passwords will expire.

Default Division Settings:

• • Customer Care = 90 days
  • Healthcare = 180 days

Warning Time

This parameter sets the number of days prior to password expiration that the system will notify users that their passwords are going to expire.

Default Division Settings:

• • Customer Care = 14 days
  • Healthcare = 14 days

Client Inactivity Timeout

This setting does not apply to any current nVoq application.

Minutes

N/A

Automatic Password Security Settings for Accounts with an Administrator Role

Accounts that have an Administrator Role (including Customer Administrator, Read Only, or Shortcut Designer) automatically adhere to the security settings listed below, regardless of what is configured for the division.

• Admin Password Policy

• Strength: Medium (requires at least 7 characters and must contain a letter and number)
• Reset on Initial Sign In: On
• If Division level Password Policy setting is set to "Strong," administrator passwords in the division adhere to that on the Add/Edit Account page ONLY. They do NOT adhere to this setting when the user changes their own password.

Admin Password History

• Default = On
• History Count:  5

Admin Lockout

• Default = On
• Maximum Failure: 5

Admin Password Expiration

• Default = On
• Maximum Age (days): 90
• Warning Time (days): 14

Admin Client Inactivity Timeout

• Default = Off
• Minutes: 15 minutes is the default setting.