1. Arbor Help Centre
  2. Arbor - Getting started
  3. Logging in

Editing Arbor's Password Rules

Avatar
Gwyn Mabo

The article explains how to edit password rules in Arbor, including requirements for password composition, minimum length, and expiration periods. It provides guidance on navigating to the settings and saving changes, along with FAQs about password length and validity.

The Password Rules page allows you to specify how user passwords are set up for security purposes, including how often users are asked to change their password and rules for formatting a password. 

To edit the rules:

1. Go to School > Users and Security

2. Select Users > Password Rules from the left-hand menu.

Here you will see the options to set password rules for Students, Teachers and Other (guardian) user profiles.

Screenshot_2021-11-16_at_12.11.54.png

 

Editing the rules

To edit the rules, click the Edit Rules button. A slide over will appear where you can enter the rules you wish to apply.

  • Requires number/ Requires letter/Requires mixed case - These settings determine what a user's password must include. When choosing a password, it needs to fulfil this criterion. Number and letter are required for staff profiles, but not for student or guardian profiles.
  • Min length - This compulsory field indicates the minimum number of characters a password needs to be.
  • Days valid - Users will be prompted to change their password after the number of days specified has passed. It is not possible to have passwords that do not expire.

Once you set the rules, click Save Changes.

Screenshot_2021-11-16_at_12.12.42.png

 

FAQ

How long does a password need to be?

You can set a requirement for password lengths, with these values:

  • Minimum: 7 characters
  • Maximum: 16 characters

How many days can a password be valid for?

You can set a requirement for the length of time a user can use their password before they need to set a new one:

  • Minimum: 1 day
  • Maximum: 730 days or 2 years

Can we force a password reset?

Each day, we check whether the age of a user's password is more than or equal to how old passwords can be. If greater, the user will need to reset their password.

This means that you can set the Days valid to 1 to force a password reset for everyone tomorrow.

Top Tips:

  • You can't force a reset today, as you can't set the days to zero.
  • Once the reset has been completed, you'll need to change the Days valid back to your default, to prevent passwords needing to be changed each day.

Screenshot 2023-07-31 at 10.35.32.png

Was this article helpful?
3 out of 16 found this helpful

Articles in this section

I'm still stuck!

Comments

0 comments

Article is closed for comments.