Cloud Elements has undertaken security enhancements to benefit all users of the platform, a direct impact of these changes being that on or before these deadlines, all user accounts using Basic Auth (User+Password) with weak passwords must update their UI passwords to comply with our updated more strict password requirements. This requirement to update weak user passwords will have no current impact on using the APIs or existing Authorization Header tokens, but if weak passwords are not changed by these deadlines then users will be locked out of the UI until they reset their passwords with the assistance of the Support team.
- Required Action:
All users with weak passwords must update their accounts to have Excellent UI passwords that comply with the following standards: at least 10 characters including at least 3 of the following 4 types of characters: a lower-case letter, an upper-case letter, a number, a special character (such as !@#$%^&*). Not more than 2 identical characters in a row (such as 111 is not allowed). For more information, see Access Control and Manage Security Settings.
- Reset all user passwords in your organization either by signing in the Cloud Elements UI to reset, or by performing a call to POST /authentication/passwords (link) with the user’s authorization headers.
Enhanced password complexity during creation of new users:
- Staging - August 17, 2020
- Production - September 1, 2020
Updating passwords of existing users for proper complexity:
- Staging - March 15, 2021
- Production - April 5, 2021
- Users with existing passwords that meet the above Excellent specifications will have no impact.
- Users who login to the UI with SSO, Google, or GitHub are not impacted by these updated password complexity requirements.