Password Security Settings

User Maintenance Settings – Password Security

Company-wide login and password security options

To access these settings:

File > Administration > User Maintenance > Settings

Why this matters:

In response to recent security concerns, JobBag has strengthened its login protocols. The settings in this window let you define how strict your password security needs to be across your company.

Key Options Explained

1. Password Resets

• By default, passwords must be reset every 15 weeks.
• You can make this more frequent (e.g. every week or fortnight), but not longer than 15 weeks.

2. Minimum Password Requirements

When users change their password, they must include:

• At least one uppercase letter
• At least one lowercase letter
• At least one number
• At least one special character (!@#$%^&* )
• The minimum character length is defined in your database settings.

3. Compromised Password Check (Powered by Troy Hunt)

JobBag uses a service by Australian security expert Troy Hunt to check passwords against a database of known breaches.

If the password has been compromised in the past, it will not be allowed.

4. Append System Domain

This allows users to log in without typing the email domain.

For example, instead of typing alan.bond@brightidea.com.au , they can simply enter alan.bond .

5. Two-Factor Authentication (2FA)

You can enable 2FA to add an extra layer of security for all users. Highly recommended for protecting sensitive data.