Change/Reset Password
Prism provides retailers with flexible and powerful password management features.
- User changes own password
- User (e.g. Manager) resets other user's password (e.g. because the employee forgot the password)
- The system prompts user's to change password after certain number of days
- Require strong password
- Enforce password history
User Changes own Password
- Log in to RP Prism using the old password.
- Click the Retail Pro button.
- Select Change Password on the Prism menu.
- Enter the New Password and then enter it again in the Confirm New Password field.
- Click Update.
Reset other user's Password
To reset a password, a user must belong to a group that is assigned the EMPLOYEE - RESET PASSWORD permission. This is typically reserved for managers or admin-level users. Resetting a password is necessary if an employee forgets his/her password, or if the password is compromised (e.g. via social engineering).
- Log in to Prism as an admin user.
- Click the Retail Pro button and select Store Operations > Employees > Employee Management
- Filter for the employee whose password you want to change.
- Select the employee's record and then click the Change Password button.
- Enter the New Password and confirm it. Click Update. If the Require password change check box is selected, the user will be prompted and required to change the password upon first login.
Limitations
- Certain words are unable to be used as passwords, including: ‘welcome', 'database', 'account', 'user', 'password', 'oracle', 'computer', 'abcd', 'retailpro', 'rpro', 'islandpacific', 'ip', 'rti', 'rapidigm', 'design', 'sysadmin', 'admin', 'administrator', 'sqa', 'tech'
- The SYSADMIN user is a special system user that is available in Prism. When you first install Prism, you use the SYSADMIN user login credentials to log in to Prism. You should change the password for the SYSADMIN user, The SYSADMIN user password is not replicated.
Password Policy Preferences
In Node Preferences > Employee > Policy you can set various preferences related to passwords. A few of the key settings are explained below. See the Employee Password Policy topic for more details.
Strong Password Specifications
If the Enforce Strong Passwords preference is selected in Node Preferences > Employee > Policy, passwords should contain at least one character from all four of the following groups
- Numbers: 0123456789
- Uppercase letters: ABCDEFGHIJKLMNOPQRSTUVWXYZ
- Lowercase letters: abcdefghijklmnopqrstuvwxyz
- Special characters: !"#$%&()``*+,-/:;<=>?_
The new password must have at least three characters that are different from the previous password.
In Prism 2.3 and later you can customize the "Enforce Strong Password Policy" feature.
| Setting | Description |
|---|---|
| Password Minimum Length | Enter the desired minimum length of new passwords. |
| Password Requires Special Characters | If selected, new passwords must include a special character (!, @, #, $, %, &) |
| Password Requires Uppercase Character | If selected, new passwords must include an uppercase character. |
| Password Requires Number | If selected, new passwords must include a number (0-9). |
Sample Node Preferences > Employee > Policy:
Enforce Password History
If the Enforce Password History checkbox is selected in Node Preferences > Employee > Policy, then users are prevented from using the same password for the number of days specified.
Password Expires After
If the Password Expires After checkbox is selected in Node Preferences > Employee > Policy, then users will be prompted to change the password before the password expires (based on the number of days specified). By default, the number of days is set to 1. Set the desired number of days. For example, if the "Prompt changing password before expiration" is set to "7", then starting seven days before expiration, the user will be prompted to change the password upon login. The user can still continue, if desired.I