Summary
Create initial passwords for users, require a password change at first use, and reset passwords for users. These features apply to users, when you create them, or through their profiles.
Password features are available to all customers.
Access permissions
Admins can create new accounts and invite new learners freely.
Managers assigned to a group can reset passwords for the learners in their group.
The rule of thumb: if the manager can view the learner's profile, then the manager has permissions to reset the person's password.
Create or invite users: initial passwords
When you create or invite users you decide how to handle their password requirements. Discuss password options with your implementation consultant or customer success manager, to determine what you need for password protection, while letting your users access the application.
One significant distinction between creating users or inviting users is whether you:
- provide an initial password (create users)
- allow users to create their own (invite users)
See Add users to your portal for background.
If you create users by batch upload, you can specify if they must change their password at first login by entering Yes in the must_change_pass column, in the batch import sample file available from the batch upload page.
See Upload users by batch CSV file.
Reset passwords
Reset passwords for users, and require users to change their password at their next login.
- From main navigation go to Users, and search for the user whose password you need to change.
- Select the user name, or select More...> Profile to open User Info.
- From User's Summary, select Set Password.
- In Set a password for this user, enter a password and its confirmation.
- Optionally: select User must change password on login.
- Save to finish.
The following screenshot shows the password change dialog.
Admins can reset existing users' passwords using batch upload if required: enter Yes in the must_change_pass column, and upload your file.
Lost and forgotten passwords: automated reset
Users who cannot log in can use the Forgot password? link on the login page.
If they have a user account, the application sends a reset link to their email address. The URL expires after about an hour.
Note: this feature works only for active users: it does not work for pending users. Pending users are those who you have invited by email but who have not yet selected the link to confirm they are joining the portal.
You can disable Forgot password? for your portal, if required. Contact the support team with a request.
If a user is locked out - for example, after too many password attempts - they can use Forgot password? to regain access immediately. An admin resetting the password won't give them immediate access.
Additional password and security features
Other features for security are available at the portal level. See
- Set advanced password requirements for the portal
- Portal setup: two-factor authentication (2FA)
- Portal setup: reCAPTCHA
See: