Customer Portal Send Feedback Print

Previous Topic

Next Topic

Book Contents

Password Security Check

CSI Digital Banking Password Security Check feature notifies users if the password they currently use has appeared in data breaches at other companies. When this occurs, users will be presented with an ‘Update Your Password’ prompt when logging into Digital Banking.

As part of the service, your bank can establish a password breach threshold. This threshold sets the number of times a user’s password can match those on the compromised list before they are automatically required to create a new password for their Digital Banking profile.

Password Security Check Details and Frequency

An alert will occur immediately when a password is entered at login or if the password is changed.

Temporary one-time passwords will not be subjected to this requirement. If the threshold is lowered, a previously acceptable password could produce a change password prompt for users.

Bank Settings: Password Threshold and Force Password Option

There are two new Password Security Check options within Admin>Security>Password.

Password Breach Check Threshold: This is the number of times a user’s password can appear on the compromised list before they are prompted to change it. By default, the threshold is set to 100 but can be changed by your bank as needed. If the field is left blank, the threshold will be saved as "1". This means, the change password prompt begins displaying for a user the first time the threshold is met or exceeded.

User Deferred Force Password Change: This option gives the user the ability to bypass the change password prompt and log into Digital Banking by clicking on the "Continue Without Changing Password" link. The user will continue to receive the prompt each time they log into Digital Banking until the password is changed.

When the User Deferred Force Password Change option is NOT set, the user will be required to change their password the first time the prompt is presented before they can log into Digital Banking.

Breached Password Screen Verbiage Customization

The Breached Password screen verbiage, as well as the dismissal verbiage, can be customized by your bank. These new custom text options are available under Bank Settings>Custom Text>Settings.

  • Change Password – Breached Password
  • Change Password – Breached Password Dismiss

To Customize the Breached Password Screen:

  1. Access Admin>Bank Settings>Custom Text>Settings>Change Password – Breached Password
  2. Edit the standard message displayed in the text box and select save. The new text will now be displayed during the login process when a user has been flagged with a password breach.

To Customize the Breached Password - Dismiss Screen:

  1. Access Admin >> Bank Settings >> Custom Text >> Settings >> Change Password – Breached Password Dismiss.
  2. Edit the standard message displayed in the text box and select save. The new text will now be displayed when a user dismisses the Breached Password notification.

69759

See Also

When the customer user name is invalid, why does it ask the security question instead of saying it's invalid?

Changing a Customer’s Password

Helpful Reports to Review

How are customer alerts generated?

Manually Adding a Customer

Manually Building a User

Marketing using E-Mail Campaigns

How to Set Up Custom Text

Searching for a Customer

Editing a Customer’s Security Question Answers

Unlocking a Customer

Adding Accounts to a Profile

Removing Accounts from a Profile

What is a Universe?

Managing Self Enrollment Requests

Managing A2A (External Transfers)

Processing Wires

Automatic Wire Processing

Processing ACH

SBA 7(a) Express Lending Platform

Setting Up ACH Positive Pay

Corporate Customer Process: Managing Filters on Accounts

Transfers

Card Transaction Disputes
Top of Page Customer Portal Send Feedback Print