LoanBeam Password security options

Password requirements for dashboard users are the following:

• Min 8 char, max 12 char
• At least one lower case char
• At least one upper case char
• At least one number
• At least one special character
• None of the past 12 passwords can be repeated
• After 5 failed attempts account is locked.
• Inactivity timeout is 30 min.
• Password rotation required every 90 days

Session Timeout Length - 30 min
Length of time before a password can be changed (minimum password age) - Any time

Length of time before a password has to be changed - After 90 days. Can be configured for the account.

Length of time before a password can be re-used (password history) - After 1 month and not equal to 12 previous passwords.

Login Attempts before an account is locked, and is it unlocked automatically after a time or does it have to be manually reset? – User(not account) is locked after 5 unsuccessful attempts. It has to be manually reset.

-----------------------------------------------

API INTEGRATION CLIENTS

For API Integrated clients (Encompass, MortgageBot etc.) the password requirements are the same as Dashboard clients. For API clients the main difference is that in addition to the user name and password, the system uses the API for authentication.

 - Example: For Encompass, general users will use the admin user's use name and password and API Key for LB API authentication purpose.

REFERENCE TICKET LBS00398382