Typically, an administrator user can view and modify staff members’ passwords. However, in some situations, it is preferable to set things up such that not even the administrator can access the user login. For those situations, a strong password mechanism is introduced especially.
The working
- By keeping the user password hidden throughout the program, its security is improved. When necessary, passwords and other pertinent information are shared via email. Since emails are sent using the EasyEdmin email system, a customer email account is not necessary for this function.
- There is a switch at the license level to enable or disable this method. That is, it cannot be changed.
- When a strong password is enabled, each employee's email address is required, along with email verification.
- The employee will be the only one to receive the password via email. This implies that before a user can log in, their email must be validated.
- Once the user's email has been updated and validated, the password will be changed to a random value. An email confirming the change will be sent to the old email address, and a newly created password will be sent to the new one.
- If the user forgets their password, they can utilize the reset password option, which will reset their password and send the freshly created one to their email address.
- User can change and verify their own email address.
- When EasyEdmin account is switched to "Strong Password Mechanism" at later stage, user will still be able to login to the system using their existing user credentials. But they won't be able to reset password until their email address are set and verified.
- In Central HR Server/Client model, email verification can only be initiated from Central Client end.
